{"id":"https://openalex.org/W2097940378","doi":"https://doi.org/10.1007/978-3-319-18467-8_20","title":"Practice-Based Discourse Analysis of InfoSec Policies","display_name":"Practice-Based Discourse Analysis of InfoSec Policies","publication_year":2015,"publication_date":"2015-01-01","ids":{"openalex":"https://openalex.org/W2097940378","doi":"https://doi.org/10.1007/978-3-319-18467-8_20","mag":"2097940378"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-319-18467-8_20","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-319-18467-8_20","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-3-319-18467-8_20.pdf","source":{"id":"https://openalex.org/S4210185096","display_name":"IFIP advances in information and communication technology","issn_l":"1868-422X","issn":["1868-422X","1868-4238"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP Advances in Information and Communication Technology","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://link.springer.com/content/pdf/10.1007/978-3-319-18467-8_20.pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5109295104","display_name":"Fredrik Karlsson","orcid":"https://orcid.org/0000-0002-3265-7627"},"institutions":[{"id":"https://openalex.org/I26437253","display_name":"\u00d6rebro University","ror":"https://ror.org/05kytsw45","country_code":"SE","type":"education","lineage":["https://openalex.org/I26437253"]}],"countries":["SE"],"is_corresponding":true,"raw_author_name":"Fredrik Karlsson","raw_affiliation_strings":["CERIS, Department of Informatics, \u00d6rebro University School of Business, SE-701 82, \u00d6rebro, Sweden"],"affiliations":[{"raw_affiliation_string":"CERIS, Department of Informatics, \u00d6rebro University School of Business, SE-701 82, \u00d6rebro, Sweden","institution_ids":["https://openalex.org/I26437253"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005569661","display_name":"G\u00f6ran Goldkuhl","orcid":"https://orcid.org/0000-0003-2235-1103"},"institutions":[{"id":"https://openalex.org/I102134673","display_name":"Link\u00f6ping University","ror":"https://ror.org/05ynxx418","country_code":"SE","type":"education","lineage":["https://openalex.org/I102134673"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"G\u00f6ran Goldkuhl","raw_affiliation_strings":["Department of Management and Engineering, Link\u00f6ping University, SE-581 83, Link\u00f6ping, Sweden"],"affiliations":[{"raw_affiliation_string":"Department of Management and Engineering, Link\u00f6ping University, SE-581 83, Link\u00f6ping, Sweden","institution_ids":["https://openalex.org/I102134673"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5038693612","display_name":"Karin Hedstr\u00f6m","orcid":"https://orcid.org/0000-0003-2304-7170"},"institutions":[{"id":"https://openalex.org/I26437253","display_name":"\u00d6rebro University","ror":"https://ror.org/05kytsw45","country_code":"SE","type":"education","lineage":["https://openalex.org/I26437253"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Karin Hedstr\u00f6m","raw_affiliation_strings":["CERIS, Department of Informatics, \u00d6rebro University School of Business, SE-701 82, \u00d6rebro, Sweden"],"affiliations":[{"raw_affiliation_string":"CERIS, Department of Informatics, \u00d6rebro University School of Business, SE-701 82, \u00d6rebro, Sweden","institution_ids":["https://openalex.org/I26437253"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5109295104"],"corresponding_institution_ids":["https://openalex.org/I26437253"],"apc_list":null,"apc_paid":null,"fwci":0.5714,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.65604027,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"297","last_page":"310"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9954000115394592,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.673987865447998},{"id":"https://openalex.org/keywords/information-security-standards","display_name":"Information security standards","score":0.6233804225921631},{"id":"https://openalex.org/keywords/order","display_name":"Order (exchange)","score":0.5593010783195496},{"id":"https://openalex.org/keywords/compliance","display_name":"Compliance (psychology)","score":0.5263979434967041},{"id":"https://openalex.org/keywords/standard-of-good-practice","display_name":"Standard of Good Practice","score":0.5116584897041321},{"id":"https://openalex.org/keywords/accidental","display_name":"Accidental","score":0.47906240820884705},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.46690163016319275},{"id":"https://openalex.org/keywords/perspective","display_name":"Perspective (graphical)","score":0.46630537509918213},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.46604597568511963},{"id":"https://openalex.org/keywords/public-relations","display_name":"Public relations","score":0.44395095109939575},{"id":"https://openalex.org/keywords/information-security-management","display_name":"Information security management","score":0.4402253031730652},{"id":"https://openalex.org/keywords/quality","display_name":"Quality (philosophy)","score":0.4272494614124298},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3625293970108032},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.3011711537837982},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.2909129858016968},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.22717636823654175},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.17102456092834473},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.1660115122795105},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.16583240032196045},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.14131590723991394},{"id":"https://openalex.org/keywords/finance","display_name":"Finance","score":0.0789354145526886}],"concepts":[{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.673987865447998},{"id":"https://openalex.org/C139547956","wikidata":"https://www.wikidata.org/wiki/Q6031202","display_name":"Information security standards","level":5,"score":0.6233804225921631},{"id":"https://openalex.org/C182306322","wikidata":"https://www.wikidata.org/wiki/Q1779371","display_name":"Order (exchange)","level":2,"score":0.5593010783195496},{"id":"https://openalex.org/C2781460075","wikidata":"https://www.wikidata.org/wiki/Q1399332","display_name":"Compliance (psychology)","level":2,"score":0.5263979434967041},{"id":"https://openalex.org/C47309137","wikidata":"https://www.wikidata.org/wiki/Q7598357","display_name":"Standard of Good Practice","level":5,"score":0.5116584897041321},{"id":"https://openalex.org/C126965237","wikidata":"https://www.wikidata.org/wiki/Q816335","display_name":"Accidental","level":2,"score":0.47906240820884705},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.46690163016319275},{"id":"https://openalex.org/C12713177","wikidata":"https://www.wikidata.org/wiki/Q1900281","display_name":"Perspective (graphical)","level":2,"score":0.46630537509918213},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.46604597568511963},{"id":"https://openalex.org/C39549134","wikidata":"https://www.wikidata.org/wiki/Q133080","display_name":"Public relations","level":1,"score":0.44395095109939575},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.4402253031730652},{"id":"https://openalex.org/C2779530757","wikidata":"https://www.wikidata.org/wiki/Q1207505","display_name":"Quality (philosophy)","level":2,"score":0.4272494614124298},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3625293970108032},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.3011711537837982},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.2909129858016968},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.22717636823654175},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.17102456092834473},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.1660115122795105},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.16583240032196045},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.14131590723991394},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0789354145526886},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C24890656","wikidata":"https://www.wikidata.org/wiki/Q82811","display_name":"Acoustics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/978-3-319-18467-8_20","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-319-18467-8_20","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-3-319-18467-8_20.pdf","source":{"id":"https://openalex.org/S4210185096","display_name":"IFIP advances in information and communication technology","issn_l":"1868-422X","issn":["1868-422X","1868-4238"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP Advances in Information and Communication Technology","raw_type":"book-chapter"},{"id":"pmh:oai:HAL:hal-01345115v1","is_oa":true,"landing_page_url":"https://inria.hal.science/hal-01345115","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. pp.297-310, &#x27E8;10.1007/978-3-319-18467-8_20&#x27E9;","raw_type":"Conference papers"}],"best_oa_location":{"id":"doi:10.1007/978-3-319-18467-8_20","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-319-18467-8_20","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-3-319-18467-8_20.pdf","source":{"id":"https://openalex.org/S4210185096","display_name":"IFIP advances in information and communication technology","issn_l":"1868-422X","issn":["1868-422X","1868-4238"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP Advances in Information and Communication Technology","raw_type":"book-chapter"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/1","score":0.6399999856948853,"display_name":"No poverty"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2097940378.pdf","grobid_xml":"https://content.openalex.org/works/W2097940378.grobid-xml"},"referenced_works_count":43,"referenced_works":["https://openalex.org/W18112494","https://openalex.org/W172531423","https://openalex.org/W227670992","https://openalex.org/W1481628372","https://openalex.org/W1492502800","https://openalex.org/W1521264059","https://openalex.org/W1522588346","https://openalex.org/W1527311855","https://openalex.org/W1544923555","https://openalex.org/W1585967407","https://openalex.org/W1597835403","https://openalex.org/W1658908529","https://openalex.org/W1923687271","https://openalex.org/W1936633569","https://openalex.org/W1985044911","https://openalex.org/W1987002300","https://openalex.org/W2000667443","https://openalex.org/W2005191069","https://openalex.org/W2006479099","https://openalex.org/W2032521021","https://openalex.org/W2044935933","https://openalex.org/W2057864103","https://openalex.org/W2070504353","https://openalex.org/W2104619000","https://openalex.org/W2111695375","https://openalex.org/W2112479167","https://openalex.org/W2142318891","https://openalex.org/W2148053293","https://openalex.org/W2167857801","https://openalex.org/W2170586945","https://openalex.org/W2171113940","https://openalex.org/W2227078611","https://openalex.org/W2278109028","https://openalex.org/W2312880691","https://openalex.org/W2335348029","https://openalex.org/W2483614485","https://openalex.org/W2516800336","https://openalex.org/W2563485765","https://openalex.org/W3022607203","https://openalex.org/W3106993834","https://openalex.org/W4234586526","https://openalex.org/W4253023950","https://openalex.org/W6635634007"],"related_works":["https://openalex.org/W40842196","https://openalex.org/W2126017555","https://openalex.org/W2584162156","https://openalex.org/W2483557577","https://openalex.org/W2000891179","https://openalex.org/W2049188895","https://openalex.org/W2380583381","https://openalex.org/W4285359482","https://openalex.org/W2263437148","https://openalex.org/W2481421941"],"abstract_inverted_index":{"Employees\u2019":[0],"poor":[1],"compliance":[2],"with":[3],"information":[4,37,52,71],"security":[5,38,53,72],"policies":[6],"is":[7],"a":[8,76],"perennial":[9],"problem":[10],"for":[11],"many":[12],"organizations.":[13],"Existing":[14],"research":[15],"shows":[16],"that":[17,30],"about":[18],"half":[19],"of":[20,36,46],"all":[21],"breaches":[22],"caused":[23],"by":[24],"insiders":[25],"are":[26],"accidental,":[27],"which":[28],"means":[29],"one":[31],"can":[32],"question":[33],"the":[34,44,49],"usefulness":[35],"policies.":[39],"In":[40],"order":[41],"to":[42],"support":[43],"formulation":[45],"practical,":[47],"from":[48,75],"employees\u2019":[50],"perspective,":[51],"policies,":[54],"we":[55],"propose":[56],"eight":[57],"tentative":[58],"quality":[59],"criteria.":[60],"These":[61],"criteria":[62],"were":[63],"developed":[64],"using":[65],"practice-based":[66],"discourse":[67],"analysis":[68],"on":[69],"three":[70],"policy":[73],"documents":[74],"health":[77],"care":[78],"organisation.":[79]},"counts_by_year":[{"year":2015,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}