0000000000478036
AUTHOR
Pauliina Hirvonen
The determinants affecting on the investment proposals adoption
Tietoturvallisuuden tutkimuksessa ei ole kyetty tunnistamaan tekijöitä, jotka vaikuttavat tietoturvallisuusaloitteiden onnistumiseen. Teoreettinen tutkimus lähestyy haastetta tarkastelemalla olemassa olevia tietotekniikan ja tietojärjestelmien tutkimusta yritysympäristössä. Aloitteiden hyväksymiseen vaikuttavat tekijät määritettiin kolmeksi kategoriaksi. Tietoturvallisuusaloitteisiin vaikuttavien tekijöiden tunnistamisen ohella tutkimusmenetelmän vaikutus tuloksiin on käsitelty. Useita suosituksia ilmiön jatkotutkimukselle sekä tutkimusmenetelmän kehittämiselle on esitetty. Information security field lacks of understanding of how to succeed with in-vestments proposals. This theoretical stud…
A Review of GDPR Impacts on Information Security
The aim of this literature review is to understand GDPR impacts on information security in organisations. The research question is: What outcomes previous research reveal about the GDPR impacts on information security development? Findings indicated that GDPR has had several impacts divided in six categories here: user profiling and data collection, business impacts, management and compliance, personal competences, skills and career, authorization, authentication and notification obligation and data storage. Findings also indicated that even though GDPR had upraised information security and data protection requirements, it has caused also challenges. Previous research raised important separ…
Expectations And Mindsets Related To GDPR
The aim of this qualitative case study is to examine the initial expectations and assumptions related to General Data Protection Regulation (GDPR) of the European Union from the perspectives of selected Finnish organizations: what were the initial expectations of GDPR, how were they adapted/refined over time, and what was the impact on organizational planning and resourcing. There are no precise earlier studies on the subject. The research question was: What were the organizations’ initial expectations of GDPR - and how have they affected the efforts made? GDPR can be described as an input that forms images, preconceptions and views among other things, through various active and passive c…
Building Situational Awareness of GDPR
Because previous academic research does not comment sufficiently on how the relevant content of the European Union (EU) General Data Protection Regulation (GDPR has been properly communicated to the organisations, or how the situational awareness (SA) of GDPR has been built in the organisations, this qualitative empirical research was regarded as a valuable approach for gathering authentic research material on the practical bases of this phenomena. The aim of this empirical case study (CS) is to develop a picture of what processes organisations use to build SA of the GDPR requirements. To guide the CS, we asked how the SA for decision-making was constructed and how it was perceived in organ…
Organisational GDPR Investments and Impacts
The aim of this empirical multi-case study is to understand the GDPR investments and impacts of the organisations. Among these, the measuring experiences related to GDPR and information security (Isec), and the future expectations are examined. Several interesting findings were recognised, which also enabled further suggestions. First, an understanding of the organisations’ investments and their impact is built by gathering information about the actions that organisations made to fulfil the GDPR requirements. In the second phase, it is deemed necessary to examine how organisations experience the measures and evaluation of GDPR development and progress, in order to understand how respondents…