Genre-Based Approach to Assessing Information and Knowledge Security Risks-Reference-Cited by-同舟云学术

Genre-Based Approach to Assessing Information and Knowledge Security Risks

Published:2014-04 Issue:2 Volume:10 Page:13-27
ISSN:1548-0666
Container-title:International Journal of Knowledge Management
language:en
Short-container-title:

Author:

Padyab Ali Mohammad¹,Päivärinta Tero¹,Harnesk Dan¹

Affiliation:

1. Luleå University of Technology, Luleå, Sweden

Abstract

Contemporary methods for assessing information security risks have adopted mainly technical views on information and technology assets. Organizational dynamics of information management and knowledge sharing have gained less attention. This article outlines a new, genre-based, approach to information security risk assessment in order to orientate toward organization- and knowledge-centric identification and analysis of security risks. In order to operationalize the genre-based approach, we suggest the use of a genre-based analytical method for identifying organizational communication patterns through which organizational knowledge is shared. The genre-based method is then complemented with tasks and techniques from a textbook risk assessment method (OCTAVE Allegro). We discuss the initial experiences of three experienced information security professionals who tested the method. The article concludes with implications of the genre-based approach to analyzing information and knowledge security risks for future research and practice.

Publisher

IGI Global

Subject

Management of Technology and Innovation,Computer Science Applications,Management Information Systems

Reference47 articles.

1. An Information-Centric Approach to Data Security in Organizations

2. Review: Knowledge Management and Knowledge Management Systems: Conceptual Foundations and Research Issues

3. Introduction to the OCTAVE Approach

4. Alberts, C. J., Behrens, S. G., Pethia, R. D., & Wilson, W. R. (1999). Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework, Version 1.0 (Tech. Rep. No. CMU/SEI-99-TR-017). Pittsburgh, PA: Carnegie Mellon University

Cited by 6 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Problems in information classification: insights from practice;Information & Computer Security;2023-04-10

2. From rationale to lessons learned in the cloud information security risk assessment: a study of organizations in Sweden;Information & Computer Security;2021-08-25

3. The Importance of Knowledge-Based Risk Processes to Risk Analysis;International Journal of Knowledge Management;2021-01

4. Knowledge Systems and Risk Management;Current Issues and Trends in Knowledge Management, Discovery, and Transfer;2020

5. A Business-Driven Process Model for Knowledge Security Risk Management;Effective Knowledge Management Systems in Modern Society;2019