The role of internal communication in preventing employees' information security policy noncompliance

 |  Login

Show simple item record

dc.contributor Aalto-yliopisto fi
dc.contributor Aalto University en Korpela, Pekka 2015-05-06T11:43:08Z 2015-05-06T11:43:08Z 2015
dc.description.abstract Objective of the study: The present study was triggered by the lack of research on the human factor of information security and the on-going digital transition that continues to alter employee behaviour. The objective of the study was to assess the relationship between internal communication and ISP noncompliance, and to identify the extent to which the occurrences of ISP noncompliance in a Finnish commercial bank could be prevented by enhancing the internal communication practices of the bank. Methodology and the theoretical framework: The study exploited a qualitative methodology, using a case study approach to research the topic. The empirical data was collected by conducting five semi-structured interviews with the case company employees to gain knowledge about the reasons behind the employees' ISP noncompliance, and about the internal communication practices of the case company. Secondary data consisted of the bank's internal material, and assisted in identifying the contents of the bank's ISP. The data analysis was based on the theoretical framework that was largely built on the previous literature. The framework focused on the factors of information security policy noncompliance and internal communication. Findings and conclusions: The findings implied that the reasons behind the employees' ISP noncompliance are manifold, but the most prevalent ones were work-related stress, employees' attitudes, and colleagues' expectations. Moreover, the findings indicated that the case company manages the ISP communication rather well. However, the bank could prevent certain noncompliance incidents or decrease their number by enhancing management communication to increase employee engagement and to bring the ISPs more on the foreground, and by improving the consistency of the ISP communication. en
dc.format.extent 111
dc.language.iso en en
dc.title The role of internal communication in preventing employees' information security policy noncompliance en
dc.type G2 Pro gradu, diplomityö fi Kauppakorkeakoulu fi School of Business en
dc.contributor.department Johtamisen laitos fi
dc.contributor.department Department of Management Studies en
dc.subject.keyword tietosuoja
dc.subject.keyword information security
dc.subject.keyword tietosuojasäädökset
dc.subject.keyword information security policy
dc.subject.keyword ISP
dc.subject.keyword tietosuojasääntörikkomukset
dc.subject.keyword information security policy noncompliance
dc.subject.keyword yritysviestintä
dc.subject.keyword corporate communication
dc.subject.keyword sisäinen viestintä
dc.subject.keyword internal communication
dc.subject.keyword finanssiala Suomessa
dc.subject.keyword Finnish financial industry
dc.subject.keyword liikepankit
dc.subject.keyword commercial banks
dc.identifier.urn URN:NBN:fi:aalto-201505072568
dc.type.dcmitype text en
dc.programme.major MSc program in Corporate Communication en
dc.programme.major MSc program in Corporate Communication fi
dc.type.ontasot Master's thesis en
dc.type.ontasot Pro gradu tutkielma fi
dc.subject.helecon viestintä
dc.subject.helecon communication
dc.subject.helecon yritysviestintä
dc.subject.helecon business communication
dc.subject.helecon pankit
dc.subject.helecon banks
dc.subject.helecon tietosuoja
dc.subject.helecon data security
dc.subject.helecon Suomi
dc.subject.helecon Finland
dc.ethesisid 13918 2015-04-07
dc.location P1 I

Files in this item

Files Size Format View

There are no files associated with this item.

This item appears in the following Collection(s)

Show simple item record

Search archive

Advanced Search

article-iconSubmit a publication


My Account