a b s t r a c t a r t i c l e i n f o
Available online xxxx
Keywords:Public e-services E-government Public e-service development User participation For decades, user participation has brought value to various systems development projects. Today, there are expectations that public e-service development will experience the same benefits. However, existing research has shown that introducing user participation into public e-service development can be challenging. In this study, we interviewed citizens in order to explore their willingness and ability to participate in public e-service development according to three user participation schools: User-Centred Design, Participatory Design and User Innovation. Our findings show that citizens in general are willing to participate, but their ability to do so is limited. Based on our findings, we developed nine propositions to explain citizens' willingness and ability to participate in public e-service development. The propositions contribute to practice by acting as a tentative guide for systems developers when they use user participation schools as inspiration in public e-service projects. They also act as a starting point for future research into conditions for user participation in public e-service development.
Purpose
– The aim of this paper is to survey existing information security culture research to scrutinise the kind of knowledge that has been developed and the way in which this knowledge has been brought about.
Design/methodology/approach
– Results are based on a literature review of information security culture research published between 2000 and 2013 (December).
Findings
– This paper can conclude that existing research has focused on a broad set of research topics, but with limited depth. It is striking that the effects of different information security cultures have not been part of that focus. Moreover, existing research has used a small repertoire of research methods, a repertoire that is more limited than in information systems research in general. Furthermore, an extensive part of the research is descriptive, philosophical or theoretical – lacking a structured use of empirical data – which means that it is quite immature.
Research limitations/implications
– Findings call for future research that: addresses the effects of different information security cultures; addresses the identified research topics with greater depth; focuses more on generating theories or testing theories to increase the maturity of this subfield of information security research; and uses a broader set of research methods. It would be particularly interesting to see future studies that use intervening or ethnographic approaches because, to date, these have been completely lacking in existing research.
Practical implications
– Findings show that existing research is, to a large extent, descriptive, philosophical or theoretical. Hence, it is difficult for practitioners to adopt these research results, such as frameworks for cultivating or assessment tools, which have not been empirically validated.
Originality/value
– Few state-of-the-art reviews have sought to assess the maturity of existing research on information security culture. Findings on types of research methods used in information security culture research extend beyond the existing knowledge base, which allows for a critical discussion about existing research in this sub-discipline of information security.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.