Sciweavers

HICSS
2006
IEEE

The Role of External Influences on Organizational Information Security Practices: An Institutional Perspective

14 years 6 months ago
The Role of External Influences on Organizational Information Security Practices: An Institutional Perspective
This paper describes the initial findings of a case study intended to identify important organizational catalysts and impediments to implementing and using security technologies and security policies. The study focuses on how institutional forces shaped and motivated managers and employees at different levels in different ways. We found that low priority of security technology investments and internal policy development to top management is likely the main reason for organizational inertia that leads to insecurity. Two types of institutional forces seem to be the most effective mechanisms for breaking the inertia: coercive forces exerted by regulatory agencies and the normative forces exerted through the influences of professionalism and professional networks. The case shows that with respect to security technologies and policies, regulatory forces, such as the Sarbanes-Oxley Act, are much more powerful drivers for change within the organization as compared to normative influence whic...
Qing Hu, Paul Hart, Donna Cooke
Added 11 Jun 2010
Updated 11 Jun 2010
Type Conference
Year 2006
Where HICSS
Authors Qing Hu, Paul Hart, Donna Cooke
Comments (0)