Information needs of system administrators in information technology service factories
CHIMIT '11 Proceedings of the 5th ACM Symposium on Computer Human Interaction for Management of Information Technology
Heuristics for evaluating IT security management tools
Proceedings of the Seventh Symposium on Usable Privacy and Security
Hi-index | 0.00 |
Information technology security management (ITSM) entails significant challenges, including the distribution of tasks and stakeholders across the organization, the need for security practitioners to cooperate with others, and technological complexity. We investigate the organizational processes in ITSM using qualitative analysis of interviews with ITSM practitioners. To account for the distributed nature of ITSM, we utilized and extended a distributed cognition framework that includes as key aspects the themes of cues and norms. We show how ITSM challenges foster under-use of cues and norms, which comprises a type of risk that may result in outcomes that are adverse to the organization’s interests. Throughout, we use scenarios told by our participants to illustrate the various concepts related to cues and norms as well as ITSM breakdowns.