Understanding Information Technology Security Standards Diffusion - An Institutional Perspective

Sylvestre Uwizeyemungu; Placide Poba-Nzaou

doi:10.5220/0005227200050016

Understanding Information Technology Security Standards Diffusion - An Institutional Perspective

Sylvestre Uwizeyemungu, Placide Poba-Nzaou

2015

Abstract

Organizations' dependency on information technology (IT) resources raises concerns over IT confidentiality, integrity, and availability. IT security standards (ITSS) which play a key role in IT security governance, are meant to address those concerns. It is then important for researchers, managers, and policy-makers to understand the reasons for the low levels of ITSS diffusion in organizations. Building on institutional perspective, this study shows that none of the ITSS has yet reached the stage of legitimation that would prompt a widespread diffusion across organizations. Of particular focus is the benchmarking of ISO/IEC 27000 against other more diffused ISO generic standards. Three methodological approaches were used: structured documentation analysis, public secondary data analysis, and informal interviews of experts. This study sensitizes managers and policy-makers to the key role of institutional mechanisms in shaping ITSS diffusion.

Download

Paper Citation

in Harvard Style

Uwizeyemungu S. and Poba-Nzaou P. (2015). Understanding Information Technology Security Standards Diffusion - An Institutional Perspective . In Proceedings of the 1st International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-081-9, pages 5-16. DOI: 10.5220/0005227200050016

in Bibtex Style

@conference{icissp15,
author={Sylvestre Uwizeyemungu and Placide Poba-Nzaou},
title={Understanding Information Technology Security Standards Diffusion - An Institutional Perspective},
booktitle={Proceedings of the 1st International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2015},
pages={5-16},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005227200050016},
isbn={978-989-758-081-9},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 1st International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Understanding Information Technology Security Standards Diffusion - An Institutional Perspective
SN - 978-989-758-081-9
AU - Uwizeyemungu S.
AU - Poba-Nzaou P.
PY - 2015
SP - 5
EP - 16
DO - 10.5220/0005227200050016