Title :
Institutional Drivers of Assimilation of Information Security Policies and Procedures in U.S. Firms: Test of an Empirical Model
Author :
Gallagher, Kevin P. ; Xiaoni Zhang ; Gallagher, Vickie Coleman
Author_Institution :
Northern Kentucky Univ., Highland Heights, KY, USA
Abstract :
Information security-related policies are important for organizations to safeguard against threats and plan for adverse events. However, adoption of policies (devised to insure security, privacy and acceptable use in organization, as well as to outline audit processes, disaster recovery and business continuance planning) are equally important for organizations to insure legitimacy in the eyes of stakeholders. This paper presents findings from a study that examines the degree to which institutional pressures effect the assimilation of security-related policies and procedures, i.e. The level of adoption. We examine the forces that influence assimilation of policies. Consistent with prior research, we measure mimetic, normative, and coercive forces, as perceived by managers in our sample organizations, and the current level of security-related policy assimilation. We find that the strength and significance of all three forces are confirmed.
Keywords :
business continuity; data privacy; organisational aspects; security of data; U.S. firm; audit process; business continuance planning; disaster recovery; empirical model; information security policy; institutional driver; insure security; legitimacy; organizations; policy adoption; privacy; security-related policy assimilation; Education; Industries; Organizations; Security; Standards organizations; Technological innovation; Institutional Theory; Security Policy; Technology Assimilation;
Conference_Titel :
System Sciences (HICSS), 2015 48th Hawaii International Conference on
Conference_Location :
Kauai, HI
DOI :
10.1109/HICSS.2015.559
