Paper Info
Title
Institutional Drivers of Assimilation of Information Security Policies and Procedures in U.S. Firms: Test of an Empirical Model
Abstract
Information security-related policies are important for organizations to safeguard against threats and plan for adverse events. However, adoption of policies (devised to insure security, privacy and acceptable use in organization, as well as to outline audit processes, disaster recovery and business continuance planning) are equally important for organizations to insure legitimacy in the eyes of stakeholders. This paper presents findings from a study that examines the degree to which institutional pressures effect the assimilation of security-related policies and procedures, i.e. The level of adoption. We examine the forces that influence assimilation of policies. Consistent with prior research, we measure mimetic, normative, and coercive forces, as perceived by managers in our sample organizations, and the current level of security-related policy assimilation. We find that the strength and significance of all three forces are confirmed.
Year
DOI
Venue
2015
10.1109/HICSS.2015.559
System Sciences
Keywords
Field
DocType
business continuity,data privacy,organisational aspects,security of data,u.s. firm,audit process,business continuance planning,disaster recovery,empirical model,information security policy,institutional driver,insure security,legitimacy,organizations,policy adoption,privacy,security-related policy assimilation,institutional theory,security policy,technology assimilation,security
Public economics,Institutional theory,Economics,Audit,Network security policy,Continuance,Information security standards,Acceptable use policy,Knowledge management,Security policy,Marketing,Disaster recovery
Conference
ISSN
Citations 
PageRank 
1530-1605
0
0.34
References 
Authors
6
3
Name
Order
Citations
PageRank
Kevin P. Gallagher117718.25
Xiaoni Zhang232127.08
Vickie Coleman Gallagher342.34