A Proposed Framework for Understanding Information Security Culture and Practices in the Saudi Context

Alnatheer, Mohammed & Nelson, Karen J. (2009) A Proposed Framework for Understanding Information Security Culture and Practices in the Saudi Context. In 7th Australian Information Security Management Conference, 1-3 December 2009, Kings Perth Hotel, Perth.

Conference Paper (PDF 147kB)
Accepted Version.

View at publisher


An examination of Information Security (IS) and Information Security Management (ISM) research in Saudi Arabia has shown the need for more rigorous studies focusing on the implementation and adoption processes involved with IS culture and practices. Overall, there is a lack of academic and professional literature about ISM and more specifically IS culture in Saudi Arabia. Therefore, the overall aim of this paper is to identify issues and factors that assist the implementation and the adoption of IS culture and practices within the Saudi environment. The goal of this paper is to identify the important conditions for creating an information security culture in Saudi Arabian organizations. We plan to use this framework to investigate whether security culture has emerged into practices in Saudi Arabian organizations.

Impact and interest:

10 citations in Scopus
Search Google Scholar™

Citation counts are sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

Full-text downloads:

826 since deposited on 10 Dec 2009
180 in the past twelve months

Full-text downloads displays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.

ID Code: 29211
Item Type: Conference Paper
Refereed: Yes
Keywords: Information security management , Information security policy, Information security compliance, Information security risk analysis, Information security awareness and training programs, Security culture, Organizational culture, National culture
Divisions: Past > QUT Faculties & Divisions > Faculty of Science and Technology
Past > Institutes > Information Security Institute
Copyright Owner: Copyright 2009 Please consult the authors.
Deposited On: 10 Dec 2009 00:36
Last Modified: 29 Feb 2012 14:06

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page