Abstract
The management of negative events within organisations has become an issue commanding ever more attention from the various professions attending to the information needs of computer using organisations. However the basic need for developing secure information systems has remained unfulfilled. This is because the focus has been on the means of delivery of information, i.e. the technology (Galliers 1993), rather than on the various contextual factors related to information processing (Dhillon and Backhouse 1994; Hitchings 1996). As a consequence we are caught in the ‘technology trap’. Warman (1993) defines this as being the “situation that occurs when technology is introduced into problem situations by technical staff within organisations, without complete consideration of the implications” (p32). Although information system security is increasingly being considered as an organisational issue, the effort to prevent negative events has been aimed at protecting the technical infrastructure. This is largely because of the functionalist orientation of those responsible for managing information system security. As a result the security professionals have been unable to address the social attributes of organisations.
Preview
Unable to display preview. Download preview PDF.
Author information
Authors and Affiliations
Copyright information
© 1997 Gurpreet Dhillon
About this chapter
Cite this chapter
Dhillon, G. (1997). The context of information system security. In: Managing Information System Security. Information Systems Series. Palgrave, London. https://doi.org/10.1007/978-1-349-14454-9_2
Download citation
DOI: https://doi.org/10.1007/978-1-349-14454-9_2
Publisher Name: Palgrave, London
Print ISBN: 978-0-333-69260-8
Online ISBN: 978-1-349-14454-9
eBook Packages: EngineeringEngineering (R0)