Skip to main content

MGMT 8505M IT Security and Compliance: Welcome & Course Readings

Welcome to your course guide

Please find your required library readings below. If you have problems with the links below, please contact the Library. If you have APA questions about these materials, please contact the Writing Center.

MGMT 8505M Course Readings

After clicking on a citation below, enter your myWalden user name and password at the prompt.

Please Ask a Librarian if you have any questions about the links.

Abrahamsen, E. B., Pettersen, K., Aven, T., Kaufmann, M., & Rosqvist, T. (2017). A framework for selection of strategy for management of security measures. Journal of Risk Research, 20(3), 404-417. 

Adjerid, I., Peer, E., Aquisiti, A. (2018). Beyond the privacy paradox: Objective versus relative risk in privacy decision making. MIS Quarterly, 42(2), pp. 465-488. doi: 10.25300/MISQ/2018/14316 

Adomavicius, G., Bockstedt, J. C., Gupta, A., & Kauffman, R. J. (2007). Technology roles and paths of influence in an ecosystem model of technology evolution. Information Technology and Management, 8(2), 185–202. doi:10.1007/s10799-007-0012-z  

AlHogail, A. (2015). Design and validation of information security culture framework. Computers in Human Behavior, 49, 567–575. doi:10.1016/j.chb.2015.03.054 

Arachchilage, N. A. G., Love, S., & Beznosov, K. (2016). Phishing threat avoidance behaviour: An empirical investigation. Computers in Human Behavior, 60, 185–197. doi:10.1016/j.chb.2016.02.065 

Bartnes, M., Moe, N. B., & Heegaard, P. E. (2016). The future of information security incident management training: A case study of electrical power companies. Computers & Security, 61, pp. 32-45. doi: 10.1016/j.cose.2016.05.004 

Bodin, L. D., Gordon, L. A., & Loeb, M. P. (2008). Information security and risk management. Communications of the ACM, 51(4), 64–68. doi:10.1145/1330311.1330325 

Chen, Y., Ramamurthy, K., & Wen, K.-W. (2015). Impacts of comprehensive information security programs on information security culture. Journal of Computer Information Systems, 55(3), 11–19. doi:10.1080/08874417.2015.11645767 

Cherdantseva, Y., & Hilton, J. (2013, September). A reference model of information assurance & security. Paper presented at the Eighth International Conference on Availability, Reliability and Security, Regensburg, Germany. doi:10.1109/ARES.2013.72 

Clemons, E. K., Dewan, R. M., Kauffman, R. J., & Weber, T. A. (2017). Understanding the information-based transformation of strategy and society. Journal of Management Information Systems, 34(2), 425–456. doi:10.1080/07421222.2017.1334474 

Das, A., & Khan, H. U. (2016). Security behaviors of smartphone users. Information & Computer Security, 24(1), 116–134. doi:10.1108/ICS-04-2015-0018 

Dutta, A., Peng, G. C. A., & Choudhary, A. (2013). Risks in enterprise cloud computing: The perspective of IT experts. Journal of Computer Information Systems, 53(4), 39–48. doi:10.1080/08874417.2013.11645649 

Feng, N., & Li, M. (2011). An information systems security risk assessment model under uncertain environment. Applied Soft Computing, 11(7), 4332–4340. doi:10.1016/j.asoc.2010.06.005 

Grover, V., Chiang, R. H. L., Liang, T.-P., & Zhang, D. (2018). Creating strategic business value from big data analytics: A research framework. Journal of Management Information Systems, 35(2), 388–423. doi:10.1080/07421222.2018.1451951 

Hallová, M., Polakovič, P., Virágh, R., & Slováková, I. (2017). Information security and risk analysis in companies of agriresort. AGRIS On-Line Papers in Economics and Informatics, 9(1), 49–55. doi:10.7160/aol.2017.090104 

Jain, P., Gyanchandani, M., & Khare, N. (2017). Privacy and security concerns in healthcare big data: an innovative prescriptive. Journal of Information Assurance & Security, 12(1), 18–30. 

Kaila, U., & Nyman, L. (2018). Information security best practices: First steps for startups and SMEs. Technology Innovation Management Review, 8(11), 32–42. doi:10.22215/timreview/1198 

Karlsson, F., Hedström, K., & Goldkuhl, G. (2017). Practice-based discourse analysis of information security policies. Computers & Security, 67, 267–279. doi:10.1016/j.cose.2016.12.012 

Kock, N., Avison, D., & Malaurent, J. (2017). Positivist information systems action research: Methodological issues. Journal of Management Information Systems, 34(3), 754–767. doi:10.1080/07421222.2017.1373007 

Lanza, A., & Passarelli, M. (2014). Technology change and dynamic entrepreneurial capabilities. Journal of Small Business Management, 52(3), 427–450. doi:10.1111/jsbm.12042  

Li, M., & Tang, M. (2013). Information security engineering: A framework for research and practices. International Journal of Computers, Communications & Control, 8(4), 578–587. doi:10.15837/ijccc.2013.4.579 

Marston, S. R., Li, Z., Bandyopadhyay, S., Zhang, J., & Ghalsasi, A. (2011). Cloud computing—the business perspective. Decision Support Systems, 51(1), 176–189. doi:10.2139/ssrn.1413545 

McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M., & Pattinson, M. (2017). Individual differences and information security awareness. Computers in Human Behavior, 69, 151–156. doi:10.1016/j.chb.2016.11.065 

Menard, P., Bott, G. J., & Crossler, R. E. (2017). User motivations in protecting information security: Protection motivation theory versus self-determination theory. Journal of Management Information Systems, 34(4), 1203–1230. doi:10.1080/07421222.2017.1394083 

Olifer, D., Goranin, N., Kaceniauskas, A., & Cenys, A. (2017). Controls-based approach for evaluation of information security standards implementation costs. Technological and Economic Development of Economy, 23(1), 196–219. doi:10.3846/20294913.2017.1280558 

Rebollo, O., Mellado, D., & Fernández-Medina, E. (2012). A systematic review of information security governance frameworks in the cloud computing environment. Journal of Universal Computer Science, 18(6), 798–815. doi:10.3217/jucs-018-06-0798 

Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model in organizations. Computers & Security, 56, 70–82. doi:10.1016/j.cose.2015.10.006

Selig, G. J. (2018, August). It governance — an integrated framework and roadmap: How to plan, deploy and sustain for competitive advantage. Paper presented at the 2018 Portland International Conference on Management of Engineering and Technology, Honolulu, HI. doi:10.23919/PICMET.2018.8481957 

Shropshire, J., Warkentin, M., & Sharma, S. (2015). Personality, attitudes, and intentions: Predicting initial adoption of information security behavior. Computers & Security, 49, 177–191. doi:10.1016/j.cose.2015.01.002 

Silic, M., & Back, A. (2014). Information security: Critical review and future directions for research. Information Management & Computer Security, 22(3), 279–308. doi:10.1108/IMCS-05-2013-0041 

Siponen, M., Mahmood, M. A., & Pahnila, S. (2014). Employees’ adherence to information security policies: An exploratory field study. Information & Management, 51(2), 217–224. doi:10.1016/ 

Sohrabi Safa, N., & Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442–451. doi:10.1016/j.chb.2015.12.037 

Sohrabi Safa, N., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model in organizations. Computers & Security, 56, 70–82. doi:10.1016/j.cose.2015.10.006 

Sommestad, T., Hallberg, J., Lundholm, K., & Bengtsson, J. (2014). Variables influencing information security policy compliance: A systematic review of quantitative studies. Information Management & Computer Security, 22(1), 42–75. doi:10.1108/IMCS-08-2012-0045 

Stergiou, C., Psannis, K. E., Kim, B.-G., & Gupta, B. (2018). Secure integration of IoT and cloud computing. Future Generation Computer Systems, 78(3), 964–975. doi:10.1016/j.future.2016.11.031 

Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 35(1), 1–11. doi:10.1016/j.jnca.2010.07.006 

Wang, Y., Min, Q., & Han, S. (2016). Understanding the effects of trust and risk on individual behavior toward social media platforms: A meta-analysis of the empirical evidence. Computers in Human Behavior, 56, 34–44. doi:10.1016/j.chb.2015.11.011 

Wangwe, C. K., Eloff, M. M., & Venter, L. (2012). A sustainable information security framework for e-government – case of Tanzania. Technological and Economic Development of Economy, 18(1), 117–131. doi:10.3846/20294913.2012.661196 

Warkentin, M., Johnston, A. C., Shropshire, J., & Barnett, W. D. (2016). Continuance of protective security behavior: A longitudinal study. Decision Support Systems, 92, 25–35. doi:10.1016/j.dss.2016.09.013 

Webb, J., Ahmad, A., Maynard, S. B., & Shanks, G. (2014). A situation awareness model for information security risk management. Computers & Security, 44, 1–15. doi:10.1016/j.cose.2014.04.005 

Wolf, F., Kuber, R., & Aviv, A. J. (2018). An empirical study examining the perceptions and behaviours of security-conscious users of mobile authentication. Behaviour & Information Technology, 37(4), 320–334. doi:10.1080/0144929X.2018.1436591 

Zang, W. L. (2014). Research of information security quantitative evaluation method. Applied Mechanics and Materials, 513, 369–372. doi:10.4028/ 

Other Readings

Optional or supplemental readings may or may not be available in the library. Find further information about optional readings here.

If you have questions about your required course textbooks, please contact Customer Care at