Fredrik Björck

Learn More
— The aim of this position paper is to argue for the suitability of an institutional perspective in IS/IT (Information Systems/Information Technology) security research. Institutional theory, including some of its central concepts, is presented, along with examples of how it has been used in information systems research. A discussion of how the theory could(More)
Information security education and training needs to be valued and assessed from various perspectives. This study presents two differing viewpoints from which such an evaluation can be perceived – those of the individual and the organisation. Some sorts of profits are sought after by each of the two, although this is expressed and hence valued differently(More)
This thesis presents the findings of an empirical study into the evaluation, formation and implementation of information security management systems aiming to protect organisational information assets. An action research oriented strategy and a research method informed mainly by grounded theory, are employed. The main elements of this thesis are 1) a(More)
This paper presents the findings of an empirical study of certification auditors' and information security consultants' experiences and insights concerning the implementation and certification of information security management systems. Using an action research strategy and a grounded theory research method, the study describes these particular experiences(More)
We must plan for freedom, and not only for security, if for no other reason than that only freedom can make security secure. Abstract This thesis is concerned with issues relating to the management of information security in organisations, motivated by the need for cost-efficient information security. It is based on the assumption that: in order to achieve(More)
  • 1