By Topic

Applying double loop learning to interpret implications for information systems security design

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
A. Mattia ; Virginia Commonwealth Univ., Richmond, VA, USA ; G. Dhillon

The security of information systems (IS) continues to be one of the most serious issues of the twenty-first century. Past research indicates human factors to be the prime reason for IS security breaches. Human factors are repertoires of behavior that evolve from the reasoning and actions that individuals follow. These actions become the 'theories of action' individuals espouse and their 'theories-in-use', which are the actions they actually use. We argue that IS security problems occur when an organization's 'espoused theory' and their 'theory-in-use' (what they actually do) are contradictory. It is important, therefore, that human factors be addressed in (IS) security. The current focus on technological methods alone is an incomplete solution. The purpose of this paper is to present double loop learning as a strategy for designing and implementing security actions that bring an organization's 'espoused theory' and their 'theory-in-use' (what they actually do) into congruence . Indeed, by doing so double loop learning is a proactive security method that never becomes outdated.

Published in:

Systems, Man and Cybernetics, 2003. IEEE International Conference on  (Volume:3 )

Date of Conference:

5-8 Oct. 2003