1. Technology, power, and the social organization of work: towards a paradigmatic theory of skilling and deskilling;Barley;Research in the Sociology of Organizations,1988

2. Barman S. 2002. Writing Information Security Policies, New Riders.

3. Beautement A., Sasse MA, Wonham M. 2008. The compliance budget: managing security behaviour in organisations. In: Proceedings of the 2008 Workshop on New Security Paradigms.

4. Björck F, L Yngström. The value and assessment of information security education and training. In: Yngström, L., S. Fischer-Hübner, editor. WISE1, Proceedings of the IFIP TC11 WG11.8 First World Conference on Information Security Education, held in Stockholm 17–19 June. Stockholm, Sweden: International Federation for Information Processing, 1999, p. 271–292.

5. Björck F. Institutional theory: A new perspective for research into IS/IT security. In: Proceedings of the 37th Hawaii International Conference on System Sciences (HICSS-37 2004), 5–8 January 2004, Big Island, HI, USA: IEEE Computer Society, 2004