Exploring Information Security Controls Using Information Fraud Episodes: Case Study Evidence from a Large Telecommunications Firm
| dc.contributor.author | Goode, Sigi | |
| dc.contributor.author | Lacey, David | |
| dc.coverage.spatial | Helsinki Finland | |
| dc.date.accessioned | 2015-12-08T22:43:57Z | |
| dc.date.available | 2015-12-08T22:43:57Z | |
| dc.date.created | June 9-11 2011 | |
| dc.date.issued | 2011 | |
| dc.date.updated | 2016-02-24T12:13:21Z | |
| dc.description.abstract | Fraud and security continue to be problems for firms. Fraud information is typically incomplete and deliberately obfuscated. These qualities make fraud events harder to detect using conventional security controls. This study uses a knowledge management framework to explore how different types of controls are used to detect and investigate information fraud. The analysis is based on the customer fraud database of a large Asia-Pacific telecommunications provider. Semi-structured interviews were also conducted with the firm's fraud unit. The study finds that IS controls, with high task programmability and outcome measurement, are used to detect the majority of fraud cases. However, more complex fraud cases use clan controls for detection. The paper also provides insight into the way in which combinations of controls are used to investigate cases. The study raises implications for both theory and practice. | |
| dc.identifier.uri | http://hdl.handle.net/1885/37425 | |
| dc.publisher | AIS Electronic Library (AISeL) | |
| dc.relation.ispartofseries | European Conference on Information Systems (EICS 2011) | |
| dc.source | ECIS 2011 Proceedings | |
| dc.source.uri | http://aisel.aisnet.org/ecis2011/191/ | |
| dc.source.uri | http://www.ecis2011.fi/program/submission-of-papers/index.html | |
| dc.subject | Keywords: Information fraud; Information security controls; Information sharing; Knowledge management framework; Programmability; Security controls; Semi structured interviews; Telecommunications firms; Telecommunications providers; Theory and practice; Computer cr Control; Information fraud; Information sharing; Telecommunications | |
| dc.title | Exploring Information Security Controls Using Information Fraud Episodes: Case Study Evidence from a Large Telecommunications Firm | |
| dc.type | Conference paper | |
| local.bibliographicCitation.lastpage | 13 | |
| local.bibliographicCitation.startpage | 1 | |
| local.contributor.affiliation | Goode, Sigi, College of Business and Economics, ANU | |
| local.contributor.affiliation | Lacey, David, College of Business and Economics, ANU | |
| local.contributor.authoruid | Goode, Sigi, u9404841 | |
| local.contributor.authoruid | Lacey, David, u4490189 | |
| local.description.notes | Imported from ARIES | |
| local.description.refereed | Yes | |
| local.identifier.absfor | 080611 - Information Systems Theory | |
| local.identifier.ariespublication | u9900263xPUB148 | |
| local.identifier.scopusID | 2-s2.0-84870643503 | |
| local.type.status | Published Version |