中文摘要：

组织信息安全文化是与组织信息系统战略相适应的价值体系和道德规范，是关于保护信息资产安全的组织文化，是组织核心价值观的体现。论述信息安全文化的内涵与层次，从组织文化的支持，员工的信息安全意识与行为，结果，行业分布以及组织规模五个维度分析信息安全文化在组织中的角色。从组织文化理论视角、过程论视角和系统论视角总结现有的分析框架，在此基础上提出建构组织信息安全文化的整合模型，为拓展信息安全领域的理论研究和培育良好的组织信息安全文化提供合理建议。

英文摘要：

Being the embodiment of the organization＇s core values,information security culture is compatible with organizational informa-tion system strategic value system and ethics,which is the part of organizational culture to protect the safety of organizational information assets. The paper discusses the connotation and layers of information security culture,and analyzes the role of information security culture a-round five dimensions：support of the organizational culture,belief and behavior of the employees for information security and possible re-sult,industry distribution,and organization size. Based on the theories of organizational culture,process analysis and system perspective,the existing analysis framework is explored,and then an integrated framework for fostering an information security culture in organizations is proposed. The paper provides reasonable suggestions to enhance the theoretical research of information security and cultivate an effective in-formation security culture for organizations.