{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,28]],"date-time":"2025-09-28T20:24:54Z","timestamp":1759091094416,"version":"3.41.2"},"reference-count":15,"publisher":"Emerald","issue":"5","license":[{"start":{"date-parts":[[2010,11,23]],"date-time":"2010-11-23T00:00:00Z","timestamp":1290470400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010,11,23]]},"abstract":"Purpose<\/jats:title>The purpose of this paper is to find what kinds of problems, while implementing information security policy, may take place in foreign companies in the East African Community (EAC) because of cultural differences, and to suggest supplemental countermeasures in international frameworks such as Committee of Sponsoring Organizations of the Treadway Commission and ISO\/IEC27001.<\/jats:p><\/jats:sec>Design\/methodology\/approach<\/jats:title>Setting potential problems based on Hofstede's scores of cultural dimensions and the authors' experience, this paper predicts potential problems first by using the theory of level of potential. Local employees working for foreign companies were polled to evaluate the severity of the problems. Based on the survey results, the paper finds which problems may take place, what triggers them and how severe they are. Finally, it finds countermeasures to prevent the problems.<\/jats:p><\/jats:sec>Findings<\/jats:title>Overall, British, US and Japanese companies are found to have higher potential of facing problems in the EAC. The problem of \u201cusing a previous company's confidential information\u201d has been found to have the highest severity. British, US and Belgian companies have individualism\u2010originated problems. Japanese companies have the highest potential of facing problems due to masculinity. Chinese companies have the highest potential of facing problems due to long\u2010term orientation. In addition, a list of countermeasures is proposed to protect business information.<\/jats:p><\/jats:sec>Originality\/value<\/jats:title>The paper has identified information security management (ISM)\u2010related problems with their severities for each of the selected investing countries in the EAC, applying a new method to predict potential problems concerning ISM in foreign companies. It has recommended practical countermeasures against the six serious problems identified.<\/jats:p><\/jats:sec>","DOI":"10.1108\/09685221011095245","type":"journal-article","created":{"date-parts":[[2010,11,27]],"date-time":"2010-11-27T07:02:51Z","timestamp":1290841371000},"page":"328-338","source":"Crossref","is-referenced-by-count":9,"title":["Human\u2010related problems of information security in East African cross\u2010cultural environments"],"prefix":"10.1108","volume":"18","author":[{"given":"T.","family":"Asai","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"A.U.","family":"Hakizabera","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"140","reference":[{"key":"key2022021719512263600_b1","unstructured":"Asai, T. and Waluyan, L. (2008), \u201cPotential problems on information security management in cross\u2010cultural environment \u2013 a study of cases of foreign companies including Japanese companies in Indonesia\u201d, Journal of the Japan Society of Security Management, Vol. 1 No. 1, pp. 15\u201026."},{"key":"key2022021719512263600_b2","unstructured":"Bean, M. (2006), \u201cHuman error at the center of IT security breach\u201d, available at: www.newhorizons.com\/elevate\/network%20defense%20contributed%20article.pdf (accessed 10 February 2008)."},{"key":"key2022021719512263600_b3","unstructured":"Carrel, M.R., Elbert, N.F. and Hatfield, R.D. (1995), Human Resource Management: Global Strategies for Managing a Diverse Work Force, Prentice\u2010Hall, Upper Saddle River, NJ."},{"key":"key2022021719512263600_b4","unstructured":"Chalker, B.L. (2008), \u201cEast Africa \u2013 a rising investment destination\u201d, available at: www.africamatters.com\/news.asp?page_id=204&n_id=85 (accessed 06 December 2009)."},{"key":"key2022021719512263600_b5","unstructured":"COSO (1994), Internal Control \u2013 Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission, available at: www.snai.edu\/cn\/service\/library\/book\/0\u2010Framework\u2010final.pdf (accessed 17 February 2010)."},{"key":"key2022021719512263600_b6","unstructured":"Hall, E.T. (1976), Beyond Culture, Anchor Books, New York, NY."},{"key":"key2022021719512263600_b7","unstructured":"Hofstede, G. and Hofstede, G.J. (2004), Cultures and Organizations: Software of the Mind, McGraw\u2010Hill, New York, NY."},{"key":"key2022021719512263600_b8","unstructured":"House, R.J. (2004), Culture, Leadership, and Organizations, the GLOBE Study of 62 Societies, Sage, Thousand Oaks, CA."},{"key":"key2022021719512263600_b13","unstructured":"JETRO (1999), \u201cCommunication with Japanese in business\u201d, available at: www.jetro.co.jp\/ france\/lyon\/pdf\/cwjb.pdf (accessed 15 December 2007)."},{"key":"key2022021719512263600_b9","unstructured":"Komatsu, A. (2008), \u201cActivities of IPA concerning information security and behavior\u201d, Lecture Notes of the Symposium on Security Psychology and Trust (SPT) Research Group, Information Processing Society of Japan, Tokyo, pp. 49\u201062."},{"key":"key2022021719512263600_b14","unstructured":"Schneier, B. (2008), \u201cThe psychology of security\u201d, available at: www.schneier.com\/essay\u2010155.html (accessed 15 October 2008)."},{"key":"key2022021719512263600_b10","doi-asserted-by":"crossref","unstructured":"Solms, V. (2005), \u201cInformation security governance \u2013 compliance management vs. operational management\u201d, Journal of Computer and Security, Vol. 24, pp. 443\u20107.","DOI":"10.1016\/j.cose.2005.07.003"},{"key":"key2022021719512263600_b15","unstructured":"Straker, D. (2002), \u201cTrompenaars' four diversity cultures\u201d, available at: http:\/\/changingminds.org\/explanations\/culture\/trompenaars_four_cultures.htm (accessed 20 September 2008)."},{"key":"key2022021719512263600_b11","unstructured":"Waluyan, L., Blos, M., Noguera, S. and Asai, T. (2010), \u201cPotential problems in people management concerning information security in cross\u2010cultural environment \u2013 the case of Brazil\u201d, Journal of Information Processing Society of Japan, Vol. 51 No. 2, pp. 613\u201023."},{"key":"key2022021719512263600_b12","unstructured":"Yates, M. (2006), \u201cCultural differences\u201d, available at: www.leadervalues.com\/content\/detail.asp? contentDetaillD\u2010255&Type= More (accessed 02 December 2008)."}],"container-title":["Information Management & Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/09685221011095245","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685221011095245\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685221011095245\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T00:09:20Z","timestamp":1753402160000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/18\/5\/328-338\/179053"}},"subtitle":[],"editor":[{"given":"Steven M.","family":"Furnell","sequence":"first","affiliation":[],"role":[{"role":"editor","vocabulary":"crossref"}]}],"short-title":[],"issued":{"date-parts":[[2010,11,23]]},"references-count":15,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2010,11,23]]}},"alternative-id":["10.1108\/09685221011095245"],"URL":"https:\/\/doi.org\/10.1108\/09685221011095245","relation":{},"ISSN":["0968-5227"],"issn-type":[{"type":"print","value":"0968-5227"}],"subject":[],"published":{"date-parts":[[2010,11,23]]}}}