Kształtowanie elementów kultury organizacyjnej zorientowanych na zachowanie bezpieczeństwa informacyjnego
Forming the elements of organisational culture aimed at maintaining information security
Author(s): Daniel GachSubject(s): Labor relations, Security and defense, Culture and social structure , Management and complex organizations
Published by: Oficyna Wydawnicza AFM Uniwersytetu Andrzeja Frycza Modrzewskiego w Krakowie
Keywords: information security of the organization; organizational culture; employee attitudes and behaviours; information security culture;
Summary/Abstract: Nowadays, in management, emphasis is put on the assumption that the key factors for business success are well-used intangible assets, which include a type of knowledge based on information that plays an enormous role, which in turn is formed on the basis of data that take the form of giant collections (so-called ‘big data’). Their acquisition, collection and processing poses the risk guaranteeing safety from the point of view of behaviours and attitudes. This is because technological progress stays ahead of the employees’ preparation for the use of modern security instruments in this area. The goal of the paper is to provide the basic elements of the social dimension of information security for an organisation. The starting point for the considerations is the discussion of examples of employee behaviours that are conducive and also endangering the confidentiality of information resources. The paper provides examples of the activities of members of an organisation who, guided by individual benefits, with a low level of awareness of the effects of their actions, have created situations that have increased the risk of losing key information resources. Subsequently, the paper discusses the model of organisational culture as suggested by Edgar H. Schein with its enrichment of the concept “organizational heroes”, proposed by Geert Hofstede. The indications of the method and the power of the impact of organisational culture on the functioning of the members of the company were approximate. The final part of the paper presents the concept of organisational subculture, which rests on information security culture, together with the analysis of examples of actions aimed at its shaping and development.
Journal: Bezpieczeństwo. Teoria i Praktyka
- Issue Year: XXXIII/2018
- Issue No: 4
- Page Range: 157-169
- Page Count: 14
- Language: Polish