A influência do contexto no comportamento responsável relativo à segurança da informação

Detalhes bibliográficos
Ano de defesa: 2014
Autor(a) principal: Dini, Ruy Carlos Gomes lattes
Orientador(a): Luciano, Edimara Mezzomo lattes
Banca de defesa: Não Informado pela instituição
Tipo de documento: Dissertação
Tipo de acesso: Acesso aberto
Idioma: por
Instituição de defesa: Pontifícia Universidade Católica do Rio Grande do Sul
Programa de Pós-Graduação: Programa de Pós-Graduação em Administração e Negócios
Departamento: Faculdade de Administração, Contabilidade e Economia
País: BR
Palavras-chave em Português:
Área do conhecimento CNPq:
Link de acesso: http://tede2.pucrs.br/tede2/handle/tede/5689
Resumo: Internal Information Security incidents are still considered as the most present in the current organizational reality. Although previous studies have emphasized the importance of human and behavioral aspects in the management of Information Security, they are usually left in the background by organizations. However, the behavior of the employee may be the most significant element in the compliance and implementation of an Information Security Policy, since several factors present in the context in which employees are embedded can influence this behavior. From a conceptual model developed based on previous studies, an interviews script was developed, tested, validated and applied in 14 interviews with CIOs or equivalent managers of large companies that use practices and daily efforts to maintain the Information Security. With the interpretation of the interviews, it was possible to identify the perceived influence of factors of the organizational context and the context of Technology and Information Security in the responsible employee behavior on Information Security, in an attempt to protect against the insider threat vulnerabilities of information security. The results show strong evidence of the relationship of the organizational context on responsible behavior, because all variables were perceived by respondents. In relation to the context of Technology and Information Security, most of the variables obtained in the perceived influence responsible behavior. Based on the categorical content analysis of the interviews, it was also possible to identify the triggers of responsible behavior related to Information Security, which has positive implications for the effectiveness of managing information security in organizations.