A scientific methodology for MIS case studies
MIS Quarterly
Information systems and power: structural versus personal views
SIGCPR '93 Proceedings of the 1993 conference on Computer personnel research
Information systems security design methods: implications for information systems development
ACM Computing Surveys (CSUR)
Power over users: its exercise by system professionals
Communications of the ACM
Diversity in information systems action research methods
European Journal of Information Systems
Social Analyses of Computing: Theoretical Perspectives in Recent Empirical Research
ACM Computing Surveys (CSUR)
Power, politics, and MIS implementation
Communications of the ACM
Information systems and organizational change
Communications of the ACM
Investigating information systems with action research
Communications of the AIS
Why there aren't more information security research studies
Information and Management
Information Technology for Development
Using the lens of circuits of power in information systems security management
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Understanding and applying participant observation in information systems research
Proceedings of the 49th SIGMIS annual conference on Computer personnel research
From disruptions to struggles: Theorizing power in ERP implementation projects
Information and Organization
Journal of Organizational and End User Computing
Journal of Organizational and End User Computing
Hi-index | 0.00 |
Organizations need to protect information assets against cyber crime, denial-of-service attacks, web hackers, data breaches, identity and credit card theft, and fraud. Criminals often try to achieve financial, political, or personal gain through these attacks, so the threats that their actions prompt are insidious motivators for organizations to adopt information systems security (ISS) approaches. Extant ISS research has traditionally examined ISS in e-commerce business organizations. The present study investigates ISS within government, analyzing power relationships during an ISS standards adoption and accreditation process, where a head of state mandates that all government agencies are to comply with a national de jure ISS standard. Using a canonical action research method, designated managers of ISS services across small, medium, and large agencies were monitored and assessed for progress to accreditation through surveys, interviews, participant observation at round table forums, and focus groups. By 2008, accreditation status across the 89 agencies participating in this study was approximately 33 percent fully accredited, with 67 percent partially compliant. The research uses Clegg's (1989) circuits of power framework to interpret power, resistance, norms, and cultural relationships in the process of compliance. The paper highlights that a strategy based on organization subunit size is helpful in motivating and assisting organizations to move toward accreditation. Mandated standard accreditation was inhibited by insufficient resource allocation, lack of senior management input, and commitment. Factors contributing to this resistance were group norms and cultural biases.