Calculate Price

Total

Sample Questions

Sample questions

Get a 10%  discount on order above $ 10
Use the following coupon code :

MASTERPIECE2020

Music Project: Contextual Listening Journal

Write my research paper

Qualitative Research Design Project

Please follow it. Purchase the answer to view it

SAMPLE ANSWER

Qualitative Research Design Project

Student’s Name

Institutional Affiliation

 

 

Qualitative Research Design Project

Part One

D1-1

            The selected qualitative research article examined information security management (ISM) practices from an Indian and Germany organizations. The qualitative research article adopted a semi-structured interview methodology to investigate the prevalent information security management practices from ITComp 1 in India and ITComp 2 from Germany (Singh, et al., 2013). In this approach, a semi-structured questionnaire template was utilized, which consisted of 39 questions grouped into six guiding factors on the research topic. These factors included information security requirements, policy, culture, regulations compliance, audit, and ISM best practices (Da Veiga & Martins, 2015). The studied cases were analyzed with the use of a two-step approach, where observations obtained from the interviews were presented using a descriptive methodology. The descriptive methodology was adopted to congregate the findings of the current situation of ISM from the selected organizations (Singh, et al., 2013).

The researchers used semi-structured interviews because of the need to allow for flexibility of the interviewee to ask additional questions based the responses provided during the process (Jašek, Králík & Popelka, 2015). Since it was a qualitative study, the semi-structured interviews provided room for the respondents to provide unrestricted responses regarding the how they understand issues and events. In this vein, the respondents is given the opportunity to explain events, patterns, and forms of behavior and practices prevalent on the organizations concerning information security management practices (Jašek, Králík & Popelka, 2015). The main objective of the researcher was to gather opinions, perceptions, and attitudes regarding information security management practices on the organizations from the two countries.

Semi-structured interviews have a number of limitations. First, the methodology depends on the interviewer’s skill and ability to apply critical thinking capacity during the interview process (Rocha, Antonsen & Ekstedt, 2014). As such, where the researcher lacks adequate skills, the outcome is likely to be flawed (Jašek, Králík & Popelka, 2015). The researcher may give out unconscious cues that influence the responses provided. It is time consuming and consequently expensive (Rocha, Antonsen & Ekstedt, 2014). Additionally, due to its qualitative nature of the information given, analysis can be difficult when the researcher is filtering out relevant materials (Alnatheer, 2015).

D1-2

The twentieth century and preceding centuries witnessed the dominance of quantitative research methodologies, which mainly emerged from natural sciences including Biology, Chemistry, and Geology among others (Lakshman et al., 2000). Quantitative research approaches were concerned with investigating phenomena that people could observe and measure (Neuman, 2005). Later on, social scientists expressed dissatisfaction with the philosophical assumptions of quantitative research methodology an approach of generating knowledge and conducting research (Lakshman et al., 2000). The assumption of qualitative research methodology is that the aim of research should center on understanding the meaning that events have for individual beings under study (Neuman, 2005). Social researchers focus qualitative methodology on gaining understanding why things are the way they are in society as well as understanding people’s behavioral ways (Neuman, 2005).

The above mentioned intellectual debate led to two categories of researchers; the quantitative purists and qualitative purists. Quantitative and quantitative methodologies differ on their philosophical assumptions (Neuman, 2005). The former contends that social phenomena should be treated in the same way physical phenomena while the latter rejects the positivistic assumptions and holds the belief that reality is subjective, multiple and socially constructed by its participants (Patton, 2005). Social scientists posit that the relative preference of each methodology is underpinned by the philosophical issues associated with nature of reality (ontology) as well as knowledge (epistemology) (Patton, 2005). It is worth noting that quantitative methodology framework maintains that reliable knowledge is obtainable through direct observation and/or manipulation of physical phenomena where empirical means are applied (Lakshman et al., 2000). On the other hand, the qualitative methodology framework views the world as constructed, interpreted, and experienced through interactions shaped by social systems (Patton, 2005). Chosen Topic: Investigating Perceptions on Effective Information Security Management Practice

D2-1

Study Title: Information security survey in three organizations in New York

PI: Student’s Name

Date: dd/mm/yy

You are invited to take part in a research study conducted by (Student’s Name) from (institution).

The main objective for requesting your participation is that we would like to investigate the employees’ perceptions on information security management in your organization. Information security management practices have been shown to be vital success factors of adopting information technology in contemporary business. In this vein, the current research study intends to identify employees’ attitudes and experiences regarding the ISM practices from your workplace.

You have been selected as a possible participant because you are part of the organization’s workforce. The proposed study is intended to gather information from employees who have worked with the organization for more than two years. This further explains the reason behind your selection.

The participation will involve answering questions from an interviewer at an average period of one hour. The location and specific hour of the interview process will be determined according to your choice and convenience. The location can be in your work station, nearby coffee shop or the company’s cafeteria or other locations of your preference. It is worth understanding that the hour of the planned interview will take place at a convenient time according to your choice. The researcher will fill in a semi-structured questionnaire during the interview process. Additionally, audio recording will be carried out to obtain data for further analysis.

Your participation in the planned research study does not expose you to any risks whatsoever. You are encouraged to raise respond promptly to any arising issues of discomfort. You can also ask questions where you feel additional clarification. Your involvement in the research exercise does not warrant you any direct benefits. It is rather intended to provide insight into your attitudes and perceptions on information security management in your workplace. The information you give will be protected and will not be connected with your real names. Your participation in the proposed exercise is optional. You can choose to withdraw from the interview any time. In case you need additional information about the researchers, please feel free to contact the school department spearheading it.

(To be done)

D2-2

            Qualitative research approach has its strengths as well as limitations. First, it has an increased degree of flexibility of research design (Cassell & Symon, 2004). This merit implies that a qualitative researcher is not restricted to use certain resign designs as is the case with quantitative approaches (Taylor, Bogdan & DeVault, 2015). Second, it has the capability of avoiding reliance on the researchers’ pre-determined assumptions (Berg, Lune & Lune, 2004). This is because as the researchers interact with respondents, one is able to identify new conceptualizations and issues surrounding a certain issue studied. The researcher seeks to identify participants’ perceptions and attitudes regarding the phenomenon under study (Taylor, Bogdan & DeVault, 2015). Therefore, the information gathered challenges pre-determined outcomes (Cassell & Symon, 2004). Additionally, quantitative approaches give the researcher the ability to focus on the meanings of important issues for participants, including inconsistencies in their perspectives (Taylor, Bogdan & DeVault, 2015). Also, the approach enables researchers to handle sensitive issues and appreciating the social context of people’s attitudes, beliefs, and experiences (Taylor, Bogdan & DeVault, 2015).

Qualitative research is associated with various limitations. First, it is time consuming (Berg, Lune & Lune, 2004). The methodologies used to gather data including interviews, whether structured or semi-structured and surveys require too much time to apply. Consequently, data collection is an expensive undertaking since a lot of resources must be employed, including materials and human resources (Taylor, Bogdan & DeVault, 2015). Data analysis and presentation is also time consuming and expensive (Cassell & Symon, 2004). Also, the approach relies on a small number of participants due to its lengthy data collection techniques. This in turn affects the reliability and generalization of the research outcomes (Berg, Lune & Lune, 2004). One of the mostly cited limitations of qualitative research methodology is the reluctance of many academics, practitioners, and policy makers to adopt it (Taylor, Bogdan & DeVault, 2015).

D3-1

            In an attempt to understand what role emotional intelligence plays in the conflict negotiation and management, the researchers adopted a descriptive phenomenological approach (Valon, 2011). The qualitative study was explorative and was meant to understand what role is played by emotional intelligence in conflict resolution initiatives. Thus, the respondents were expected to provide a description of their lived experiences (Valon, 2011).  In this vein, the research adopted a phenomenological approach as a philosophy as well as a method. This helped the researcher to gather information regarding what the participants experienced and how they experienced it. The chosen approach helps to study the complex phenomenon of emotional intelligence and required assessments from diverse participants’ vantage points (Valon, 2011).

Given the increasing recognition and application of interview-based studies that involve a limited number of participants, the phenomenological study comprised seven participants (Afzalur et al., 2002). This is because a phenomenological research study entails a deep study of the concept and thus only a small number of participants is required. The study employed three sampling techniques including purposeful sampling, criterion sampling, and snow-balling (Afzalur et al., 2002). In purposeful sampling, the researcher identifies individuals who can purposely inform an understanding of the research problem (Valon, 2011). Criterion sampling involves the selection of participants who possess the desired experiences. Lastly, snow-balling ensured that the participants gave referrals to other potential respondents who satisfied the laid down criteria of selection (Sandelowski, 2000).

Data collection employed in-depth interviews which focused on specified experiences, attitudes, and viewpoints. The phenomenological research study used one-on-one long interviews to collect data (Afzalur et al., 2002). The researcher listened to participants and built an understanding of the phenomenon of emotional intelligence. The researcher followed the required procedures, including the signing of informed consent by the participants prior to conducting the interviews. Face-to-face interviews were carried out among the seven participants (Afzalur et al., 2002). The phenomenological interviews began with meditative activity to help in relaxing the respondents as well as establishing an environment of trust (Valon, 2011). The interviewer took about 45 minutes on each respondent, where audio recording also took place.

D3-2

            The proposed study seeks to develop an insight into understanding of the employees’ perceptions and practical experiences regarding the phenomenon of information security management. As such, explorative and phenomenological approaches will be suitable for the proposed topic. The researcher will use semi-structured interviews. These interviews will give the researcher a high degree of flexibility while asking questions. The researcher will endeavor to explore how employees of the selected organization perceive the information security management practices. In the wake of increased uncertainty and the wave of technological changes, the organizational way of exchanging information has been influenced greatly. In this regard, it has become critical for managers to employ tech-savvy methods to handle crucial information to avoid breach that can be costly.

Selection of respondents will be done using two sampling techniques including purposive sampling and snow-balling. Purposive sampling will ensure that selection of participants will not be random. Only those participants who are in a position to provide relevant information regarding the topic will be chosen. The chief advantage of purposive sampling is that participants who serve the intended purpose are selected. Thus, no time and resources are wasted while engaging non-suitable respondents who have little or no knowledge concerning the phenomenon under study. On the other hand, snow-balling implies that the selected participants give referrals to other potential respondents who meet the applied criterion.

Open-ended questionnaires will be designed for the collection of data during interviews. The following research questions will be included in the questionnaires.

  1. What do you understand by the term information security?
  2. In your opinion, how does information security impact your company?
  3. Do you think your organization employs the right ISM practices? What can they do better to improve information security?
  4. Can technological capabilities offer the lasting solution to problems surrounding information security? If yes, explain why. If not, what permanent initiatives can provide a lasting remedy?
  5. What cultural practices are well aligned with ISM practices in your organizations?

D4-1

Dealing with qualitative data has been shown to be demanding, repetitive, and sometimes involving arduous errands. Unlike quantitative data, which embodies mere observations and drawing conclusions, qualitative data requires the researcher to exhibit dynamism, intuition, and creativity besides having the ability to offer an opinion, through reasoning and theorizing. Thus, a qualitative researcher fragments huge blocks of data to manageable sets to increase ease of understanding and presentation. The aim of fragmenting qualitative data is to put them into groups of classes that relate conceptually and theoretically.

Towards the end twentieth century and the beginning of the twenty- first century, researchers have proactively worked together to create tools that reduce the burdensome work of qualitative research. Computer assisted analysis was developed to allow categories of texts to be marked or edited in word processers. The retrieval of text from data was made possible when the NUD*IST was developed (Welsh, 2002). The software helped researchers to carry out data coding and in turn create a system of codes connected to each other with the use of a tree structure.

Over time, numerous software programs have been developed to help in qualitative research (Lewins & Silver, 2007). Benefits of using software in qualitative research cannot be underestimated. They include saving of time when handling enormous data, allows for greater flexibility, and providing researchers withy better management of data (Wright, 2005). The software provides greater accuracy thus improves reliability, transparency, and credibility of findings (Lewins & Silver, 2007). The software further helps in data collection, storage, reporting, and retrieval. The use of software in qualitative research is challenging given the abstractness of the data collected, the requirement to learn on the skills of applying it, and the cost of purchasing and installing (Welsh, 2002).

D4-2

Data analysis if the final stage of a qualitative study. It entails the interpretation of in-depth interviews, participant observations, the use of literature and existing theories. In semi-structured interviews, the researcher uses open-ended questions probing respondents for detailed and contextual responses (Miles, Huberman & Saldana, 2013). The researcher in the article studying the benefits of executive coaching has not clearly explained how the data analysis was carried out. However, it shows that an understanding of the respondents’’ viewpoints on what executive coaching means kicked off the data analysis process.

In the wake of advanced technological innovation in the discipline of social sciences, qualitative data analysis is set to become even easier and well elaborated. For instance, Mc Cracken gave a five step analytic process that represents a high degree of generality. The first step entails reading each interview transcript more than once in a bid to develop an understanding of the content and to identify useful comments. Step two Involves grouping observations into preliminary descriptive and interpretative classes based on the evidence manifested in the interview transcripts. Then, using the QSR NUD*IST software, the documents are entered into the system and memos drafted for each (Bringer, Johnston & Brackenridge, 2006).

The third step involves thorough examination of the preliminary codes to identify relationships and develop patterns. At this stage, the researcher should be in a position to view patterns ad themes forming clearly. Stage four entails determining basic themes by examining clusters of participants’ comments and the researchers’ memos. The researcher looks for more connections among the codes that link them together (Bringer, Johnston & Brackenridge, 2006). Finally, stage five looks at themes from all interviews across all categories with a view to delineating predominant themes within the data (Grbich, 2012). The researcher obtains answers to the research questions, which are presented by the predominant themes.

The future of qualitative data analysis is promising. Technological innovations will play a vital role in creating more sophisticated software to enhance more refined data analysis. This will enhance rigor, flexibility, credibility, reliability, and generality of the research findings (Miles, Huberman & Saldana, 2013). Software that is likely to establish more connections of the predominant themes with the inclusion of aids to data analysis, such as field notes and analytic memos will be effective in achieving the above mentioned goal of qualitative research (Hu, West & Smarandescu, 2015).

D5-1

Data presentation and results section form an integral part of qualitative research design (Creswell, 2013). The researcher in the article used concept mapping as a mode of data presentation. The method provides visual representation of dynamic schemes of understanding within human minds (Creswell, 2013). The method enables conversion of information into diagrams, and graphs for representations. This allows an integration of related ideas, concepts, and themes forming visuals on the paper making it easy for interpretation by the researcher (Creswell, 2013; Berg, Lune & Lune, 2004). Data presentation in this qualitative research study was well done as it used concept maps to identify concepts and connections based on the participants’ view points and lived experiences (Taylor, Bogdan & DeVault, 2015).

Since it is a qualitative study, data presentation involves display of results from a small number of participants (Creswell, 2013). This allows for presentation of individual case information besides giving room for in-depth study of the phenomenon in question (Taylor, Bogdan & DeVault, 2015). Data presentation is characterized by rich detail of phenomena as they are found within the context of participants (Berg, Lune & Lune, 2004). The use of vivid cases helps the researcher to demonstrate phenomena to the intended audience of the qualitative study (Creswell, 2013). Nonetheless, some weaknesses can be pointed out regarding the qualitative data presentation of results (Taylor, Bogdan & DeVault, 2015). The most outstanding weakness of the results from a qualitative study is the influence by the researcher’s personal bias and idiosyncrasy (Creswell, 2013). The presentation of data can be time consuming since a lot of details are included for elaborate understanding by the intended audiences (Taylor, Bogdan & DeVault, 2015).

Part Two

Investigating Perceptions on Effective Information Security Management Practice

Introduction

            The twenty-first century continues to witness a growing adoption of information systems that are revolutionizing the way organizations work and achieve success. The continued employment of information technology systems by both public and private organizations has created room for potential malicious practices (Chatterjee, Sarker & Valacich, 2015). These practices pose substantial threat to organizational information that in turn leads to costly losses (Spears & Barki, 2010; Yearworth & White, 2013). As such, understanding information security risks affecting organizational managers’ and employees’ operations is vital for mitigation and enhancing the theorized benefits of adopting information technology (Istikoma et al., 2015). Most university institutions apply information technology (IT) systems for numerous essential administrative and pedagogical activities such as teaching, learning, and research (AlHogail, 2015). Nevertheless, the process of establishing effective information security management practices poses a huge challenge to the security practitioners (Gebrasilase & Lessa, 2011). This paper presents a research proposal that seeks to investigate perceptions on information security management in the workplace.

Research Problem

            Throughout the world conventional and best practice in managing information security are similar. Nonetheless, the application of these practice approaches to certain contexts, situations, and perspectives pose a tough challenge to information security practitioners (Appari & Johnson, 2010). The safety of information assets in organizations relies heavily on the ISM practices and the information security nurtured across the entire setting (Chatterjee, Sarker & Valacich, 2015). Other factors impacting the effectiveness of information security management include the information security environment and the level of awareness of the phenomenon and their relation to individual attitudes and perceptions of the people towards information security management (Appari & Johnson, 2010).

Creating a stable and vibrant security culture in the modern organizational workplaces has increasingly being asserted as important in the global knowledge-driven economy (Chatterjee, Sarker & Valacich, 2015). In the wake of growing adoption of information technology systems, organizations needs to create cultures that enhance compliance and safeguarding of wealthy information available in those systems (Appari & Johnson, 2010). Employers and managers’ behaviors when handling organizational information determine the security and safety of company information (Nazareth, & Choi, 2015). Where appropriate culture is lacking, cases of information leakage and security breach are likely to become rampant. Information breaches and leakage can cost an organization, its entire business, especially where business secrets are availed to competitors (Nazareth, & Choi, 2015). In this vein, information security management practices are inevitably warranted by organizations as a strategy of safeguarding an organization’s business secrets and key success factors (Chatterjee, Sarker & Valacich, 2015). Overall, ISM practices aim at implementing an effective strategy that will manage internal and external factors affecting the workability information technology while protecting the business from potential threats (Nazareth, & Choi, 2015).

Significance of the Study

            The proposed research study will investigate what the stakeholders of the selected organization perceive information security management practices as, and their take on the effectiveness of ISM practices in mitigating risks posed by information technology systems (Nazareth & Choi, 2015). Further, the study will explore the success factors that underpin the development of information security culture. Particularly, the study pays close attention to both intrinsic and extrinsic factors to the organization, which influence information security management practices in private and public companies.

Qualitative Research Questions

            Explorative and a phenomenological research studies seek to gather information about people’s lived experiences that defines their perceptions on a particular phenomenon or idea. Effective information security management is a rather newer term in many organizations, which are gradually adopting digitization through proactive application of information technology (Munteanu & Fotache, 2015). The proposed study delves into the organization’s perceptions on the term and what people think best practice in managing information security implies and requires. In this regard, the study will be guided by several key qualitative research questions. These questions are listed as follows:

  1. What does information security management mean to the organization’s stakeholders?
  2. What information security management practices are currently employed in the organization?
  3. What key factors influence the success of information security management practices?
  4. What challenges are encountered by ISM practitioners and what possible solutions are perceived as effective in the long-term?
  5. How is the organization prepared for the uncertain technological environment? For instance cyber-attacks have been on the rise. What does the management think regarding establishing an information security culture to promote integrity when using information technology systems (AlHogail & Mirza, 2014)?

Qualitative Approach and Rationale

            This study will adopt an explorative and phenomenological approach. The study aims to investigate the organization’s understanding of the term information security management and exploring what the people perceive best ISM practice entails (Longhurst, 2003). The study will further intend to unravel the current ISM practice and suggest ways of improving them in an attempt to prepare for future challenges facing information technology application.

Population, Sampling and Rationale

            The proposed research study will use purposive sampling and snowballing techniques (Oliver, Serovich & Mason, 2005). The rationale for the use of these techniques is best explained by the focus of our study. Target organizations will include hospitals, universities and a company that is slowly adopting information technology in its operations (Britten, 2007). In these organizations, the participants will include top managers and middle managers who are anticipated to understand the phenomenon information security management practices. Snow-balling implies that the selected participants to refer the researchers to other suitable respondents for the study (Hair, 2007; Taylor, Bogdan & DeVault, 2015).

Data Collection Methods

            Qualitative research study, especially those that are phenomenological and explorative tend to use unstructured or semi-structured questionnaires to gather people’s experiences, attitudes, and perceptions about the phenomenon in question. The researcher will use the questionnaires to ask the participants open-ended questions (Moyle, 2002). The respondents will be given adequate time to tell their stories of experience and their thoughts regarding information security management practices. The data will be recorded using audio recording systems for further analysis (Kvale, 2008). The researcher will also take short notes as the participants provide responses to the questions. Each interview session will take about forty minutes.

Credibility and utility

            The researcher will be very keen to ensure that the research methodology will robustly stands tests of credibility, validity, and utility (Berg, Lune & Lune, 2004). To attain credibility and utility, the researcher will employ ethical experience while gathering data and interacting with respondents. The researcher possesses adequate skills that qualify him to undertake the proposed study. Prior exposure to information systems and security issues associated with IT will be done to prepare the researcher for the research process. This includes doing an extensive literature review on the concept to gain adequate knowledge on the role of information systems in organizational operations, the emerging issues in IT, and the challenges that are likely to impact its future application.

Data Analysis and Presentation Strategy

            Data analysis is a vital component research studies. It entails looking at the data and trying to gain insight from the results of the research study. To ensure credibility, the researcher will make concerted efforts to incorporate and recognize structure of the interpretive and subjective position. This will be primarily done to achieve creativity and objectivity while interpreting results. The phenomena will be supported to provide a justification to the meaning attached to the relationships pointed out (Wellard & McKenna, 2001). Protocols of thematic analysis will be adopted, which features a systematic and rigorous approach. Interviews’ transcripts will be interpreted and connections drawn for presentation (Patton, 2005). Thematic analysis technique will be employed to identify emerging themes and patterns (Wellard & McKenna, 2001). Data coding systems will be employed to identify, categorize the themes and patterns for presentation. Coding will adopt the Atlas.ti and construction of relationship diagrams (Yearworth & White, 2013). Data display will be utilized to further refine data through familiarization, reduction, and display (Lawrence & Tar, 2013). Narrative texts will form part of the data display besides the use of quotations and codes (Wellard & McKenna, 2001). Coding will provide succinct representations besides distinguishing relationships emerging from the gathered data to give shape to arising themes (Dabić & Stojanov, 2014).

Researcher’s Role

            The primary role of the researcher will be to guide the proposed research process including creating informed consent that will be given to participants, data collection, analysis, and presentation. Additionally, the researcher will oversee the smooth process taking into account the role and dignity of participants.

References

Afzalur Rahim, M., Psenicka, C., Polychroniou, P., Zhao, J. H., Yu, C. S., Anita Chan, K., … & Ferdausy, S. (2002). A model of emotional intelligence and conflict management strategies: A study in seven countries. The International Journal of Organizational Analysis10(4), 302-326.

AlHogail, A. (2015). Design and validation of information security culture framework. Computers in Human Behavior49567-575.

AlHogail, A., & Mirza, A. (2014). A proposal of an organizational information security culture framework.Proceedings Of International Conference on Information, Communication Technology & System (ICTS) 2014, 243.

Alnatheer, M. A. (2015). Information Security Culture Critical Success Factors. 2015 12Th International Conference on Information Technology – New Generations, 731.

Appari, A., & Johnson, M. E. (2010). Information security and privacy in healthcare: current state of research. International journal of Internet and enterprise management6(4), 279-314.

Berg, B. L., Lune, H., & Lune, H. (2004). Qualitative research methods for the social sciences (Vol. 5). Boston, MA: Pearson.

Bringer, J. D., Johnston, L. H., & Brackenridge, C. H. (2006). Using computer-assisted qualitative data analysis software to develop a grounded theory project. Field methods18(3), 245-266.

Britten, N. (2007). Qualitative interviews. Qualitative Research in Health Care, Third Edition, 12-20.

Cassell, C., & Symon, G. (Eds.). (2004). Essential guide to qualitative methods in organizational research. Sage.

Chatterjee, S., Sarker, S., & Valacich, J. S. (2015). The Behavioral Roots of Information Systems Security: Exploring Key Factors Related to Unethical IT Use. Journal Of Management Information Systems31(4), 49-87.

Creswell, J. W. (2013). Research design: Qualitative, quantitative, and mixed methods approaches. Sage publications.

Da Veiga, A., & Martins, N. (2015). Information security culture and information protection culture: a validated assessment instrument. Computer Law & Security Report, (2), 243.

Dabić, T., & Stojanov, Ž. (2014). Techniques for Collecting Qualitative Data in Education research: Example of Two Studies in Information Technology Field. Singidunum Journal of Applied Sciences, 362-367.

Duffy, K., Ferguson, C., & Watson, H. (2004). Data collecting in grounded theory-some practical issues. Nurse Researcher11(4), 67-78.

Gebrasilase, T., & Lessa, L. F. (2011). Information Security Culture in Public Hospitals: The Case of Hawassa Referral Hospital. African Journal Of Information Systems3(3), 72-86.

Grbich, C. (2012). Qualitative data analysis: An introduction. Sage.

Hair, J. F. (2007). Research methods for business.

Hu, Q., West, R., & Smarandescu, L. (2015). The Role of Self-Control in Information Security Violations: Insights from a Cognitive Neuroscience Perspective. Journal Of Management Information Systems, 31(4), 6-48.

Istikoma, Bt Fakhri, N. F., Qurat-ul-Ain, & Ibrahim, J. (2015). Information Security Aligned To Enterprise Management. Middle East Journal Of Business10(1), 62-66.

Jašek, R., Králík, L., & Popelka, M. (2015). ITIL® and Information Security. AIP Conference Proceedings1648(1), 1-4.

Kvale, S. (2008). Doing interviews. Sage.

Lakshman, M., Sinha, L., Biswas, M., Charles, M., & Arora, N. K. (2000). Quantitative Vs qualitative research methods. The Indian Journal of Pediatrics67(5), 369-377.

Lawrence, J., & Tar, U. (2013). The use of Grounded Theory Technique as a Practical Tool for Qualitative Data Collection and Analysis. Electronic Journal Of Business Research Methods11(1), 29-40.

Lewins, A., & Silver, C. (2007). Using software in qualitative research: A step-by-step guide. Sage.

Longhurst, R. (2003). Semi-structured interviews and focus groups. Key methods in geography, 117-132.

Miles, M. B., Huberman, A. M., & Saldana, J. (2013). Qualitative data analysis: A methods sourcebook. SAGE Publications, Incorporated.

Moyle, W. (2002). Unstructured interviews: challenges when participants have a major depressive illness. Journal of Advanced Nursing39(3), 266-273.

Munteanu, A., & Fotache, D. (2015). Enablers of Information Security Culture. Procedia Economics And Finance20(Globalization and Higher Education in Economics and Business Administration – GEBA 2013), 414-422.

Nazareth, D. L., & Choi, J. (2015). A system dynamics model for information security management. Information & Management,52123-134.

Neuman, W. L. (2005). Social research methods: Quantitative and qualitative approaches (Vol. 13, pp. 26-28). Boston, MA: Allyn and bacon.

Oliver, D. G., Serovich, J. M., & Mason, T. L. (2005). Constraints and opportunities with interview transcription: Towards reflection in qualitative research. Social forces84(2), 1273-1289.

Patton, M. Q. (2005). Qualitative research. John Wiley & Sons, Ltd.

Rocha Flores, W., Antonsen, E., & Ekstedt, M. (2014). Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture. Computers & Security4390-110.

Sandelowski, M. (2000). Focus on research methods-whatever happened to qualitative description?. Research in nursing and health23(4), 334-340.

Singh, A. N., Picot, A., Kranz, J., Gupta, M. P., & Ojha, A. (2013). Information Security Management (ISM) Practices: Lessons from Select Cases from India and Germany. Global Journal Of Flexible Systems Management14(4), 225-239.

Spears, J. L., & Barki, H. (2010). USER PARTICIPATION IN INFORMATION SYSTEMS SECURITY RISK MANAGEMENT. MIS Quarterly34(3), 503-A5.

Taylor, S. J., Bogdan, R., & DeVault, M. (2015). Introduction to qualitative research methods: A guidebook and resource. John Wiley & Sons.

Valon Murtezaj. (2011) Understanding the Role of Emotional Intelligence in Negotiating Agreements and Diplomatic Conflict Management Behaviour, Swiss Management Center, Transknowlogy Campus 1, (15-143).

Wellard, S., & McKenna, L. (2001). Turning tapes into text: Issues surrounding the transcription of interviews. Contemporary Nurse11(2-3), 180-186.

Welsh, E. (2002, May). Dealing with data: Using NVivo in the qualitative data analysis process. In Forum Qualitative Sozialforschung/Forum: Qualitative Social Research (Vol. 3, No. 2).

Wright, K. B. (2005). Researching Internet‐based populations: Advantages and Disadvantages of Online Survey Research, Online Questionnaire Authoring Software Packages, and Web Survey Services. Journal of ComputerMediated Communication10(3), 00-00

Yearworth, M., & White, L. (2013). Decision Support: The uses of qualitative data in multimethodology: Developing causal loop diagrams during the coding process. European Journal of Operational Research231151-161.