Please use this identifier to cite or link to this item:
A Holistic View on Organizational IT Security: The Influence of Contextual Aspects During IT Security Decisions
|Title:||A Holistic View on Organizational IT Security: The Influence of Contextual Aspects During IT Security Decisions|
|Keywords:||Information Security and Privacy in Business and Society|
Organizational Systems and Technology
decision, investment, IT security, risk planning model, SME
|Date Issued:||08 Jan 2019|
|Abstract:||Decisions regarding organizational IT security are often approximated by models drawing on normative statistical decision theories even though several IS researchers and studies in cognate disciplines have argued for the importance of contextual aspects. Based on findings in organizational and behavioral science and 25 expert interviews, this paper proposes a framework, postulating that IT security (investment) decisions are largely influenced by such contextual aspects: organizational, environmental, economic, and not least of all by cognitive and behavioral aspects of decision-makers.|
Subsequently, we review organizational IT security literature building on Straub and Welke’s Security Risk Planning Model and the previously postulated conceptual framework. This critical literature review highlights the scarcity of studies analyzing IT security decision-making from a behavioral, environmental, and organizational perspective and thus argues for the importance and future consideration of contextual aspects regarding IT security decisions.
|Rights:||Attribution-NonCommercial-NoDerivatives 4.0 International|
|Appears in Collections:||
Informations Systems Benefits and Value|
Please email firstname.lastname@example.org if you need this content in ADA-compliant format.
This item is licensed under a Creative Commons License