Analisando a adoção de políticas de segurança da informação em empresas de base tecnológica: A gestão do conhecimento como abordagem de investigação
| Ano de defesa: | 2013 |
|---|---|
| Autor(a) principal: | |
| Orientador(a): | |
| Banca de defesa: | |
| Tipo de documento: | Dissertação |
| Tipo de acesso: | Acesso aberto |
| Idioma: | por |
| Instituição de defesa: |
Universidade Federal da Paraíba
Brasil Administração Programa de Pós Graduação em Administração UFPB |
| Programa de Pós-Graduação: |
Não Informado pela instituição
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Não Informado pela instituição
|
| Palavras-chave em Português: | |
| Link de acesso: | https://repositorio.ufpb.br/jspui/handle/tede/3829 |
Resumo: | Along the rise of the knowledge society, the classical factors of production are being overtaken by the information as the most important asset of organizations. Due to this growing importance, ensure information security is crucial for organizations to succeed. In this context, technology-based companies that develop Information and Communication Technologies (ICT) solutions are of great importance. The objective of this research is characterized by investigating how the technology-based companies proceed to ensure information security and verify if knowledge sharing is the primary mean by which individuals attempt to ensure information security. Also are objectives of this research, investigating the knowledge that individuals associated with these companies have about standards and best practices in information security, besides the technological means used by them. To achieve our goals, we selected the participating companies from Farol Digital, and conducted semi-structured interviews with employees for data collection. Content analysis was the chosen approach to infer conclusions. As conceptual models we used Choo‟s (2006) knowledge cycle in organizations and the model of factors that influence knowledge sharing developed by Ipe (2003). We found that the information security procedures are developed informally. We also found that knowledge sharing is quite frequent in organizations, except when the knowledge is about information security. We explain this by the fact that the information security is a critical issue, where sharing wrong information can lead to harmful consequences for the sharer because the main advantage for sharing knowledge is the prestige acquired. Thus, they avoid sharing knowledge related to information security fearing that his image can be damaged, passing the responsibility of the security decisions to leaders and project managers. |