{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T07:41:17Z","timestamp":1767339677357,"version":"3.41.2"},"reference-count":25,"publisher":"Emerald","issue":"3","license":[{"start":{"date-parts":[[2015,7,13]],"date-time":"2015-07-13T00:00:00Z","timestamp":1436745600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015,7,13]]},"abstract":"\n Purpose<\/jats:title>\n \u2013 This paper aims to follow-up on previous research by studying the degree of management commitment to information and communication technology (ICT) safety and security within network companies in the electric power supply sector, implementation of awareness creation and training measures for ICT safety and security within these companies and the relationship between these two variables. <\/jats:p>\n <\/jats:sec>\n \n Design\/methodology\/approach<\/jats:title>\n \u2013 Data were mainly collected through a survey among users of ICT systems in network companies within the Norwegian electric power supply sector. In addition, qualitative data were gathered through interviews with representatives from the regulatory authorities, and observation studies were conducted at ICT safety and security conferences. <\/jats:p>\n <\/jats:sec>\n \n Findings<\/jats:title>\n \u2013 In accordance with previous research, our survey data showed a statistically significant correlation between management commitment to ICT safety and security and implementation of awareness creation and training measures. The majority of survey respondents viewed the degree of management commitment to ICT safety and security within their own organization as high, even though qualitative studies showed contradictory results. The network companies had implemented awareness creation and training measures to a varying degree. However, interactive awareness measures were used to a lesser extent than formal one-way communication methods. <\/jats:p>\n <\/jats:sec>\n \n Originality\/value<\/jats:title>\n \u2013 The paper provides insight into management commitment to and implementation of awareness creation and training measures for ICT safety and security within network companies.<\/jats:p>\n <\/jats:sec>","DOI":"10.1108\/ics-02-2014-0017","type":"journal-article","created":{"date-parts":[[2015,6,10]],"date-time":"2015-06-10T13:45:13Z","timestamp":1433943913000},"page":"302-316","source":"Crossref","is-referenced-by-count":14,"title":["Management commitment and awareness creation \u2013 ICT safety and security in electric power supply network companies"],"prefix":"10.1108","volume":"23","author":[{"given":"Ruth \u00d8stgaard","family":"Skotnes","sequence":"first","affiliation":[]}],"member":"140","reference":[{"key":"key2020122301021685700_b1","doi-asserted-by":"crossref","unstructured":"Albrechtsen, E.\n (2006), \u201cA qualitative study of users\u2019 view on information security\u201d, \n Computers & Security\n , Vol. 26 No. 4, pp. 276-289.","DOI":"10.1016\/j.cose.2006.11.004"},{"key":"key2020122301021685700_b2","unstructured":"Albrechtsen, E.\n and \n Hagen, J.M.\n (2009), \u201cInformation security measures influencing user performance\u201d, in \n Martorell, S.\n , \n Guedes Soares, C.\n and \n Barnett, J.\n (Eds), Safety, Reliability and Risk Analysis: Theory, Methods and Applications, Taylor \n\t\t\t\t\t&\n\t\t\t\t Francis Group, London, pp. 2649-2656."},{"key":"key2020122301021685700_b3","doi-asserted-by":"crossref","unstructured":"Albrechtsen, E.\n and \n Hovden, J.\n (2009), \u201cThe information security digital divide between information security managers and users\u201d, \n Computers & Security\n , Vol. 28 No. 4, pp. 76-490.","DOI":"10.1016\/j.cose.2009.01.003"},{"key":"key2020122301021685700_b4","unstructured":"Antonsen, S.\n (2009), \n Safety Culture: Theory, Method and Improvement\n , Ashgate Publishing Limited, London."},{"key":"key2020122301021685700_b5","doi-asserted-by":"crossref","unstructured":"Besnard, D.\n and \n Arief, B.\n (2004), \u201cComputer security impaired by legitimate users\u201d, \n Computers & Security\n , Vol. 23 No. 3, pp. 253-264.","DOI":"10.1016\/j.cose.2003.09.002"},{"key":"key2020122301021685700_b6","unstructured":"FOCUS\n (2013), \u201cAnnual assessment by the Norwegian intelligence service\u201d, available at: http:\/\/forsvaret.no\/om-forsvaret\/organisasjon\/felles\/etjenesten\/Documents\/0886-FOCUS-english-2013.pdf (accessed 15 August 2013)."},{"key":"key2020122301021685700_b7","doi-asserted-by":"crossref","unstructured":"Fricker, R.D.\n and \n Schonlau, M.\n (2002), \u201cAdvantages and disadvantages of internet research surveys: evidence from literature\u201d, \n Field Methods\n , Vol. 14 No. 4, pp. 347-367.","DOI":"10.1177\/152582202237725"},{"key":"key2020122301021685700_b8","unstructured":"Hagen, J.M.\n (2009), \u201cThe human factor behind the security perimeter \u2013 evaluating the effectiveness of organizational information security measures and employees\u2019 contributions to security\u201d, PhD thesis no. 2009:874, Series of dissertations submitted to the Faculty of Mathematics and Natural Sciences, University of Oslo."},{"key":"key2020122301021685700_b9","unstructured":"Hagen, J.M.\n and \n Albrechtsen, E.\n (2009a), \u201cRegulation of information security and the impact on top management commitment: a comparative study of the energy supply sector and the finance sector\u201d, in \n Martorell, S.\n , \n Guedes Soares, C.\n and \n Barnett, J.\n (Eds), Safety, Reliability and Risk Analysis: Theory, Methods and Applications, Taylor \n\t\t\t\t\t&\n\t\t\t\t Francis Group, London, pp. 407-413."},{"key":"key2020122301021685700_b10","doi-asserted-by":"crossref","unstructured":"Hagen, J.M.\n and \n Albrechtsen, E.\n (2009b), \u201cEffects on employees\u2019 information security abilities by e-learning\u201d, \n Information Management & Computer Security\n , Vol. 17 No. 5, pp. 388-407.","DOI":"10.1108\/09685220911006687"},{"key":"key2020122301021685700_b11","doi-asserted-by":"crossref","unstructured":"Hagen, J.M.\n , \n Albrechtsen, E.\n and \n Hovden, J.\n (2008), \u201cImplementation and effectiveness of organizational information security measures\u201d, \n Information Management & Computer Security\n , Vol. 16 No. 4, pp. 377-397.","DOI":"10.1108\/09685220810908796"},{"key":"key2020122301021685700_b12","doi-asserted-by":"crossref","unstructured":"Johnson, E.C.\n (2006), \u201cAwareness training, security awareness: switch to a better programme\u201d, \n Network Security\n , Vol. 2, pp. 15-18.","DOI":"10.1016\/S1353-4858(06)70337-3"},{"key":"key2020122301021685700_b13","doi-asserted-by":"crossref","unstructured":"Kundur, D.\n , \n Feng, X.\n , \n Liu, S.\n , \n Zountos, T.\n and \n Butler-Purry, K.L.\n (2010), \u201cTowards a framework for cyber attack impact analysis of the electric smart grid\u201d, Texas A\n\t\t\t\t\t&\n\t\t\t\tM University, Department of Electrical and Engineering.","DOI":"10.1109\/SMARTGRID.2010.5622049"},{"key":"key2020122301021685700_b14","doi-asserted-by":"crossref","unstructured":"Line, M.B.\n and \n T\u00f8ndel, I.A.\n (2012), \u201cInformation and communication technology: enabling and challenging critical infrastructure\u201d, in \n Hokstad, P.\n , \n Utne, I.B.\n and \n Vatn, J.\n (Eds), \n Risk and Interdependencies in Critical Infrastructures: A Guideline for Analysis\n , Springer-Verlag, London, pp. 147-225.","DOI":"10.1007\/978-1-4471-4661-2_10"},{"key":"key2020122301021685700_b15","doi-asserted-by":"crossref","unstructured":"Olsen, O.E.\n , \n Kruke, B.I.\n and \n Hovden, J.\n (2007), \u201cSocietal safety: concept, borders and dilemmas\u201d, \n Journal of Contingencies and Crisis Management\n , Vol. 15 No. 2, pp. 69-79.","DOI":"10.1111\/j.1468-5973.2007.00509.x"},{"key":"key2020122301021685700_b16","unstructured":"Pallant, J.\n (2010), \n SPSS Survival Manual \u2013 A Step by Step Guide to Data Analysis Using SPSS\n , 4th ed., Open University Press, Berkshire, NY."},{"key":"key2020122301021685700_b17","doi-asserted-by":"crossref","unstructured":"Patel, S.C.\n and \n Sanyal, P.\n (2008), \u201cSecuring SCADA systems\u201d, \n Information Management & Computer Security\n , Vol. 16 No. 4, pp. 398-414.","DOI":"10.1108\/09685220810908804"},{"key":"key2020122301021685700_b18","doi-asserted-by":"crossref","unstructured":"Pi\u00e8tre-Cambac\u00e9d\u00e8s, L.\n and \n Chaudet, C.\n (2010), \u201cThe SEMA referential framework: avoiding ambiguities in the terms \u2018security\u2019 and \u2018safety\u2019\u201d, \n International Journal of Critical Infrastructure Protection\n , Vol. 3, pp. 55-66.","DOI":"10.1016\/j.ijcip.2010.06.003"},{"key":"key2020122301021685700_b19","doi-asserted-by":"crossref","unstructured":"Rasmussen, J.\n (1997), \u201cRisk management in a dynamic society: a modelling problem\u201d, \n Safety Science\n , Vol. 27 Nos 2\/3, pp. 183-213.","DOI":"10.1016\/S0925-7535(97)00052-0"},{"key":"key2020122301021685700_b20","unstructured":"Regjeringen\n (2012), \u201cCyber security strategy for Norway [Nasjonal strategi for informasjonssikkerhet]\u201d, available at: www.regjeringen.no\/upload\/FAD\/Vedlegg\/IKT-politikk\/Nasjonal_strategi_infosikkerhet.pdf (accessed 10 January 2013)."},{"key":"key2020122301021685700_b21","unstructured":"Rodal, S.K.\n (2001), \u201cS\u00e5rbarhet i kraftforsyningens drifts- og styringssystemer [Vulnerabilities in the information systems of the electric power supply]\u201d, \n FFI Report No\n . 04278, available at: http:\/\/rapporter.ffi.no\/rapporter\/2001\/04278.pdf (accessed 20 November 2012)."},{"key":"key2020122301021685700_b22","unstructured":"Silverman, D.\n (2006), \n Interpreting Qualitative Data: Methods for Analyzing Talk, Text and Interaction\n , Sage, London."},{"key":"key2020122301021685700_b23","doi-asserted-by":"crossref","unstructured":"Siponen, M.\n (2000), \u201cA conceptual foundation for organizational information security awareness\u201d, \n Information Management and Computer Security\n , Vol. 8 No. 1, pp. 31-41.","DOI":"10.1108\/09685220010371394"},{"key":"key2020122301021685700_b24","unstructured":"Teknisk Ukeblad\n (2012), \u201cSikkerhet i kraftnettet\u2013 Kraftsystemet m\u00e5 ikke bli lavterskeltilbud for terrorister [Safety and security in the power grid \u2013 The electric power supply system must not become a low threshold service for terrorists]\u201d, available at: www.tu.no\/energi\/2012\/12\/14\/-kraftsystemet-ma-ikke-bli-lavterskel-tilbud-for-terrorister (accessed 17 December 2012)."},{"key":"key2020122301021685700_b25","doi-asserted-by":"crossref","unstructured":"Thomson, M.E.\n and \n von Solms, R.\n (1998), \u201cInformation security awareness: educating your users effectively\u201d, \n Information Management & Computer Security\n , Vol. 6 No. 4, pp. 167-173.","DOI":"10.1108\/09685229810227649"}],"container-title":["Information & Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/ICS-02-2014-0017","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-02-2014-0017\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-02-2014-0017\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:22:40Z","timestamp":1753406560000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/23\/3\/302-316\/109581"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,7,13]]},"references-count":25,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2015,7,13]]}},"alternative-id":["10.1108\/ICS-02-2014-0017"],"URL":"https:\/\/doi.org\/10.1108\/ics-02-2014-0017","relation":{},"ISSN":["2056-4961"],"issn-type":[{"type":"print","value":"2056-4961"}],"subject":[],"published":{"date-parts":[[2015,7,13]]}}}