{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,14]],"date-time":"2026-07-14T17:11:25Z","timestamp":1784049085509,"version":"3.55.0"},"reference-count":33,"publisher":"Elsevier BV","issue":"1","license":[{"start":{"date-parts":[[2007,2,1]],"date-time":"2007-02-01T00:00:00Z","timestamp":1170288000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computers &amp; Security"],"published-print":{"date-parts":[[2007,2]]},"DOI":"10.1016\/j.cose.2006.10.008","type":"journal-article","created":{"date-parts":[[2006,11,21]],"date-time":"2006-11-21T19:53:40Z","timestamp":1164138820000},"page":"56-62","source":"Crossref","is-referenced-by-count":110,"title":["Organisational security culture: Extending the end-user perspective"],"prefix":"10.1016","volume":"26","author":[{"given":"A.B.","family":"Ruighaver","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"S.B.","family":"Maynard","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"S.","family":"Chang","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"78","reference":[{"issue":"46","key":"10.1016\/j.cose.2006.10.008_bib4","first-page":"48","article-title":"Manage people to protect data","volume":"22","author":"Andress","year":"2000","journal-title":"InfoWorld"},{"key":"10.1016\/j.cose.2006.10.008_bib32","first-page":"231","article-title":"Dysfunctional organisational control mechanisms: an example","volume":"8","author":"Baker","year":"1999","journal-title":"Journal of Applied Management Studies"},{"issue":"33","key":"10.1016\/j.cose.2006.10.008_bib5","first-page":"19","article-title":"Talking heads","volume":"24","author":"Beynon","year":"2001","journal-title":"Computerworld"},{"issue":"46","key":"10.1016\/j.cose.2006.10.008_bib10","first-page":"90","article-title":"Advice for a secure enterprise: implement the basics and see that everyone uses them","volume":"22","author":"Borck","year":"2000","journal-title":"InfoWorld"},{"key":"10.1016\/j.cose.2006.10.008_bib2","first-page":"71","article-title":"How secure are you?","volume":"800","author":"Breidenbach","year":"2000","journal-title":"Information Week"},{"key":"10.1016\/j.cose.2006.10.008_bib27","series-title":"Competing on the edge: strategy as structured chaos","author":"Brown","year":"1998"},{"key":"10.1016\/j.cose.2006.10.008_bib14","first-page":"23","article-title":"Cultural congruence, strength and type: relationships to effectiveness","volume":"5","author":"Cameron","year":"1991","journal-title":"Research in Organisational Change and Development"},{"key":"10.1016\/j.cose.2006.10.008_bib21","unstructured":"Chia P, Maynard S, Ruighaver AB. Understanding organisational security culture. In: Sixth pacific Asia conference on information systems, Tokyo, Japan; 2\u20133 September 2002."},{"key":"10.1016\/j.cose.2006.10.008_bib20","series-title":"Information systems: the challenges of theory and practice","first-page":"335","article-title":"Understanding organisational security culture","author":"Chia","year":"2003"},{"key":"10.1016\/j.cose.2006.10.008_bib31","unstructured":"Clark-Dickson P. Alarmed and dangerous; 2001 [e-Access March 2001]."},{"issue":"28","key":"10.1016\/j.cose.2006.10.008_bib22","first-page":"39","article-title":"Security starts from within","volume":"22","author":"Connolly","year":"2000","journal-title":"InfoWorld"},{"issue":"4","key":"10.1016\/j.cose.2006.10.008_bib12","doi-asserted-by":"crossref","first-page":"850","DOI":"10.5465\/amr.2000.3707740","article-title":"A framework for linking culture and improvement initiatives in organisations","volume":"25","author":"Detert","year":"2000","journal-title":"The Academy of Management Review"},{"key":"10.1016\/j.cose.2006.10.008_bib25","doi-asserted-by":"crossref","first-page":"1153","DOI":"10.1037\/0003-066X.51.11.1153","article-title":"The detrimental effects of reward: myth or reality?","volume":"51","author":"Eisenberger","year":"1996","journal-title":"American Psychologist"},{"issue":"7","key":"10.1016\/j.cose.2006.10.008_bib29","first-page":"12","article-title":"E-merging risks: operational issues and solutions in a cyberage","volume":"47","author":"Freeman","year":"2000","journal-title":"Risk Management"},{"issue":"6","key":"10.1016\/j.cose.2006.10.008_bib30","first-page":"30","article-title":"Ensure the security of your corporate systems (developing a security policy)","volume":"16","author":"Hartley","year":"1998","journal-title":"E-Business Advisor"},{"key":"10.1016\/j.cose.2006.10.008_bib15","doi-asserted-by":"crossref","first-page":"122","DOI":"10.1177\/1059601195202004","article-title":"Organisation culture, distribution, and amount of control, and perceptions of quality","volume":"20","author":"Klein","year":"1995","journal-title":"Group and Organisation Management"},{"issue":"1","key":"10.1016\/j.cose.2006.10.008_bib33","doi-asserted-by":"crossref","first-page":"24","DOI":"10.1108\/09685220610648355","article-title":"Information security: management's effect on culture and policy","volume":"14","author":"Knapp","year":"2006","journal-title":"Information Management & Computer Security"},{"key":"10.1016\/j.cose.2006.10.008_bib18","unstructured":"Koh K, Ruighaver AB, Maynard S, Ahmad A. Security governance: its impact on security culture. In: Proceedings of the third Australian information security management conference, Perth, Australia; September 2005."},{"issue":"2","key":"10.1016\/j.cose.2006.10.008_bib24","doi-asserted-by":"crossref","first-page":"119","DOI":"10.1016\/S0167-4048(97)81980-3","article-title":"The ten commandments of security","volume":"17","author":"Lau","year":"1998","journal-title":"Computers and Security"},{"key":"10.1016\/j.cose.2006.10.008_bib17","unstructured":"Maynard S, Ruighaver, AB. What makes a good information security policy: a preliminary framework for evaluating security policy quality. In: Proceedings of the fifth annual security conference, Las Vegas, Nevada USA; 19\u201320 April 2006."},{"key":"10.1016\/j.cose.2006.10.008_bib11","doi-asserted-by":"crossref","first-page":"195","DOI":"10.1146\/annurev.ps.44.020193.001211","article-title":"Organisational behavior: linking individuals and groups to organisational contexts","volume":"44","author":"Mowday","year":"1993","journal-title":"Annual Review of Psychology"},{"key":"10.1016\/j.cose.2006.10.008_bib7","unstructured":"Ngo L, Zhou W, Warren M. Understanding transition towards organisational culture change. In: Proceedings of the third Australian information security management conference, Perth, Australia; September 2005."},{"issue":"4","key":"10.1016\/j.cose.2006.10.008_bib9","doi-asserted-by":"crossref","first-page":"337","DOI":"10.1016\/S0167-4048(00)04021-9","article-title":"Implementing information security in the 21st Century \u2013 do you have the balancing factors?","volume":"19","author":"Nosworthy","year":"2000","journal-title":"Computers and Security"},{"key":"10.1016\/j.cose.2006.10.008_bib26","doi-asserted-by":"crossref","first-page":"561","DOI":"10.1007\/BF03395453","article-title":"Positive effects of rewards and performance standards on intrinsic motivation","volume":"53","author":"Pierce","year":"2003","journal-title":"The Psychological Record"},{"key":"10.1016\/j.cose.2006.10.008_bib13","series-title":"Organisational culture and leadership","author":"Schein","year":"1992"},{"key":"10.1016\/j.cose.2006.10.008_bib6","doi-asserted-by":"crossref","unstructured":"Schlienger T, Teufel S. Information security culture \u2013 the socio-cultural dimension in information security management. In: IFIP TC11 international conference on information security, Cairo, Egypt; 7\u20139 May 2002.","DOI":"10.1007\/978-0-387-35586-3_15"},{"key":"10.1016\/j.cose.2006.10.008_bib8","unstructured":"Schlienger T, Teufel S. Analyzing information security culture: increased trust by an appropriate information security culture. In: 14th International workshop on database and expert systems applications (DEXA'03), Prague, Czech Republic; 2003."},{"issue":"2","key":"10.1016\/j.cose.2006.10.008_bib1","first-page":"58","article-title":"Intranet security","volume":"22","author":"Schwarzwalder","year":"1999","journal-title":"Database and Network Journal"},{"key":"10.1016\/j.cose.2006.10.008_bib16","unstructured":"Shedden P, Ahmad A, Ruighaver AB. Risk management standards\u2013 the perception of ease of use. In: Proceedings of the fifth annual security conference, Las Vegas, Nevada, USA; 19\u201320 April 2006."},{"issue":"8","key":"10.1016\/j.cose.2006.10.008_bib28","first-page":"18","article-title":"Security for your e-business","volume":"15","author":"Shinn","year":"2000","journal-title":"Enterprise Systems Journal"},{"key":"10.1016\/j.cose.2006.10.008_bib19","unstructured":"Tan TCC, Ruighaver AB, Ahmad A. Incident handling: where the need for planning is often not recognised. In: Proceedings of the first Australian computer network, information & forensics conference, Perth, 24 November 2003."},{"issue":"7","key":"10.1016\/j.cose.2006.10.008_bib3","doi-asserted-by":"crossref","first-page":"615","DOI":"10.1016\/S0167-4048(00)07021-8","article-title":"Information security \u2013 the third wave?","volume":"19","author":"Von Solms","year":"2000","journal-title":"Computers and Security"},{"issue":"2","key":"10.1016\/j.cose.2006.10.008_bib23","first-page":"43","article-title":"Integrated approach includes information security","volume":"37","author":"Wood","year":"2000","journal-title":"Security"}],"container-title":["Computers &amp; Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S016740480600157X?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S016740480600157X?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2019,4,22]],"date-time":"2019-04-22T12:27:27Z","timestamp":1555936047000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S016740480600157X"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2007,2]]},"references-count":33,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2007,2]]}},"alternative-id":["S016740480600157X"],"URL":"https:\/\/doi.org\/10.1016\/j.cose.2006.10.008","relation":{},"ISSN":["0167-4048"],"issn-type":[{"value":"0167-4048","type":"print"}],"subject":[],"published":{"date-parts":[[2007,2]]}}}