About this project
International information security (IS) standards are best practices developed by IS-experts globally. Hence, they indirectly influence how IS-cultures develop in organisations since standards are often used as starting points, or as in the case of Swedish public authorities where the implementation of ISO-27000 is required. Currently, insufficient attention is devoted to how international standards are co-constructed in processes creating meanings, trust and settling social structures. This project focuses on the co-construction of international IS-standards, such as the ISO 27000-series and their Swedish implementation and use. We will study standards’ roles for creating IS-cultures for IS-experts, and what role global standards have in organisations using these standards for IS management. The project will 1) uncover the co-construction of global ISO standards and the role ISO standards have in creating an IS-culture for IS-experts, and 2) uncover the role ISO standards have in forming an organization’s IS-culture.