Making Sense of Institutionalizing Information Systems Security Management in Organizations

Carol Hsu
2007 International Conference on Information Systems  
Information Systems (IS) security management has gained renewed importance for the past few years resulting from the rising numbers of security incidences and compliance pressure. While majority of IS security research has been focusing on the technical value and the effectiveness of IS security implementation, studies on the organizational process of implementation is rather limited. This paper employs a socio-cognitive perspective to examine the sense-making process of IS security BS 7799
more » ... 2 certification among different stakeholder groups in the organization. Using a qualitative case study approach, the findings reveal different understandings on the strategy and consequence of IS security implementation. We argue that socio-cognitive perspective, in particular the concept of frames analysis, can act an analytical tool to interpret meanings and anticipate actions in managing IS security in organizations.
dblp:conf/icis/Hsu07 fatcat:oteylowhrndyhboypivrcgtp4y