Understanding Information Technology Security Standards Diffusion - An Institutional Perspective
Sylvestre Uwizeyemungu, Placide Poba-Nzaou
2015
Abstract
Organizations' dependency on information technology (IT) resources raises concerns over IT confidentiality, integrity, and availability. IT security standards (ITSS) which play a key role in IT security governance, are meant to address those concerns. It is then important for researchers, managers, and policy-makers to understand the reasons for the low levels of ITSS diffusion in organizations. Building on institutional perspective, this study shows that none of the ITSS has yet reached the stage of legitimation that would prompt a widespread diffusion across organizations. Of particular focus is the benchmarking of ISO/IEC 27000 against other more diffused ISO generic standards. Three methodological approaches were used: structured documentation analysis, public secondary data analysis, and informal interviews of experts. This study sensitizes managers and policy-makers to the key role of institutional mechanisms in shaping ITSS diffusion.
DownloadPaper Citation
in Harvard Style
Uwizeyemungu S. and Poba-Nzaou P. (2015). Understanding Information Technology Security Standards Diffusion - An Institutional Perspective . In Proceedings of the 1st International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-081-9, pages 5-16. DOI: 10.5220/0005227200050016
in Bibtex Style
@conference{icissp15,
author={Sylvestre Uwizeyemungu and Placide Poba-Nzaou},
title={Understanding Information Technology Security Standards Diffusion - An Institutional Perspective},
booktitle={Proceedings of the 1st International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2015},
pages={5-16},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005227200050016},
isbn={978-989-758-081-9},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 1st International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Understanding Information Technology Security Standards Diffusion - An Institutional Perspective
SN - 978-989-758-081-9
AU - Uwizeyemungu S.
AU - Poba-Nzaou P.
PY - 2015
SP - 5
EP - 16
DO - 10.5220/0005227200050016