Knowledge management within information security: the case of Barings Bank

Managing the growing problem of computer fraud within organisations has led researchers and practitioners to emphasise the need to take into account the 'social' aspects of information security. In addition, wider organisational issues such as lack of communication have been associated with computer fraud. In trying to minimise 'opportunities' for computer fraud, this paper argues that managers' awareness and knowledge of how an organisation functions can significantly affect the effectiveness of management information security. This is because managers can send 'cues' to other employees, which influence how the latter perceive and abide by information security and other policies and procedures in their daily activities. Such perception and application are examples of tacit knowledge development and use. In developing the argument, this paper uses the case of Barings Bank together with Mintzberg's five functions of an organisation. Thus it contributes in effective management of information security from a knowledge management perspective.