Institutional Influences on Information Systems Security Innovations
Published Online:9 Jan 2012https://doi.org/10.1287/isre.1110.0393
References
- Understanding Attitudes and Predicting Behavior (1980) (Prentice Hall, Englewood Cliffs, NJ) Google Scholar
- Strategic response to institutional influences on information systems outsourcing. Organ. Sci. (1997) 8(3):235–256Link, Google Scholar
- Research commentary: Introducing a third dimension in the information systems design—The case for incentive alignment. Inform. Systems Res. (2001) 12(3):225–239Link, Google Scholar
- Circuits of power in creating de jure standards: Shaping an international information systems security standard. MIS Quart. (2006) 30(Special issue):413–438Crossref, Google Scholar
- Beyond seniority-based systems: A paradigm shift in Korean HRM? Asia Pacific Bus. Rev. (1997) 3(4):82–110Crossref, Google Scholar
- Organizational and HRM strategies in Korea: Impact on firm performance in an emerging economy. Acad. Management J. (2000) 43(3):502–517Crossref, Google Scholar
- Top management and innovations in banking: Does the composition of the top team make a difference? Strategic Management J. (1989) 10(1):107–124Crossref, Google Scholar
- Risk analysis: An interpretive feasibility tool in justifying information systems security. Eur. J. Inform. Systems (1991) 1(2):121–130Crossref, Google Scholar
- , Straub D., Goodman S., Baskerville R. Information systems security strategy: A process view. Information Security Policies, Processes and Practices (2008) (M. E. Sharpe, Armonk, NY) 15–45Google Scholar
- A resource-based perspective on information technology capability and firm performance: An empirical investigation. MIS Quart. (2000) 24(1):169–196Crossref, Google Scholar
- Conditions for successful automation in industrial applications: A point of view. IFAC 15th Triennial World Congress Proc. (2002) . http://www.nt.ntnu.no/users/skoge/prost/proceedings/ifac2002/data/content/05002/5002.pdfGoogle Scholar
- An institutional perspective on developing and implementing Intranet- and Internet-based information systems. Inform. Systems J. (2003) 13(3):209–231Crossref, Google Scholar
- Organizational factors to the effectiveness of implementing security management. Indust. Management Data Systems (2006) 106(3):345–361Crossref, Google Scholar
- Shaping up for e-commerce: Institutional enablers of the organizational assimilation web technologies. MIS Quart. (2002) 26(2):65–89Crossref, Google Scholar
- Mobile Internet acceptance in Korea. Internet Res (2005) 15(2):125–140Crossref, Google Scholar
- An information security education maturity model. (2008) . Working paper, National Taiwan University, Taipei, Taiwan. http://cnte2008.cs.nhcue.edu.tw/pdf/135.pdfGoogle Scholar
- A model for evaluating IT security investments. Comm. ACM (2004) 47(7):87–92Crossref, Google Scholar
- The value of intrusion detection systems in information technology security architecture. Inform. Systems Res. (2005) 16(1):28–56Link, Google Scholar
- , Marcoulides G. A. The partial least squares approach to structural equation modeling. Modern Methods for Business Research (1998) (Lawrence Erlbaum Associates, Mahwah, NJ) 295–336Google Scholar
- A partial least squares latent variable approach for measuring interaction effects: Results from a Monte Carlo simulation study and an electronic-mail emotion/adoption study. Inform. Systems Res. (2003) 14(2):189–217Link, Google Scholar
- Cyber security management. Indust. Management Data Systems (1999) 99(8):353–361Crossref, Google Scholar
- Patterns of innovation in Korea and Taiwan. IEEE Trans. Engrg. Management (1998) 45(4):357–365Crossref, Google Scholar
- Statistical Power Analysis for the Behavioral Sciences (1988) 2nd ed.(Lawrence Erlbaum Associates, Hillsdale, NJ) Google Scholar
- Quasi-Experimentation: Design and Analysis Issues for Field Settings (1979) (Houghton Mifflin, Chicago) Google Scholar
- Information technology implementation research: A technological diffusion approach. Management Sci. (1990) 36(2):123–139Link, Google Scholar
- Organizational innovation: A meta-analysis of effects of determinants and moderators. Acad. Management J (1991) 34(3):555–590Crossref, Google Scholar
- User awareness of security countermeasures and its impact on information security misuse: A deterrence approach. Inform. Systems Res. (2009) 20(1):79–98Link, Google Scholar
- Current directions in IS security research: Towards socio-organizational perspectives. Inform. Systems J. (2001) 11(2):127–153Crossref, Google Scholar
- The design and administration of mail surveys. Annual Rev. Sociol. (1991) 17:225–249Crossref, Google Scholar
- , DiMaggio P. J., Powell W. W. The iron cage revisited: Institutional isomorphism and collective rationality in organizational fields. The New Institutionalism in Organizational Analysis (1991) (University of Chicago Press, Chicago) 63–82Google Scholar
- Characteristics of organizational environments and perceived environmental uncertainty. Admin. Sci. Quart. (1972) 17(3):313–327Crossref, Google Scholar
- The assimilation of software process innovation: An organizational learning perspective. Management Sci. (1997) 43(10):1345–1363Link, Google Scholar
- The illusory diffusion of innovation: An examination of assimilation gaps. Inform. Systems Res. (1999) 10(3):255–275Link, Google Scholar
- Two structural equation models: LISREL and PLS applied to customer exit-voice theory. J. Marketing Res. (1982) 19(4):440–452Crossref, Google Scholar
- Organizational adoption and assimilation of complex technological innovation: Development and application of a new framework. DATA BASE Adv. Inform. Systems (2001) 32(3):51–85Crossref, Google Scholar
- High-tech hidebound: Case studies of information technologies that inhibited organizational learning. Accounting, Management Inform. Tech. (1995) 5(1):41–60Crossref, Google Scholar
- Security concerns of system users: A study of perceptions of the adequacy of security measures. Inform. Management (1991) 20(1):13–27Crossref, Google Scholar
- Using information security as a response to competitor analysis systems. Comm. ACM (2001) 44(9):70–75Crossref, Google Scholar
- The economics of information security investment. ACM Trans. Inform. System Security (2002) 5(4):438–457Crossref, Google Scholar
- Enterprise information systems as objects and carriers of institutional forces: The new iron cage? J. Assoc. Inform. Systems (2004) 5(4):151–182Google Scholar
- Global competition institutions, and the diffusion of organizational practices: The international spread of ISO 9000 quality certificates. Admin. Sci. Quart. (2002) 47(2):207–223Crossref, Google Scholar
- Multivariate Data Analysis with Readings (1995) 4th ed.(Prentice Hall, Englewood Cliffs, NJ) Google Scholar
- Modes of interorganizational imitation: The effects of outcome salience and uncertainty. Admin. Sci. Quart. (1997) 42(3):472–500Crossref, Google Scholar
- Emergent maintenance of ERP: New roles and relationships. J. Software Maintenance: Res. Practice (2001) 13(6):373–397Crossref, Google Scholar
- Culture's Consequence: International Differences in Work Related Values (1980) (Sage Publications, London) Google Scholar
- Frame misalignment: Interpreting the implementation of information systems security certification in an organization. Eur. J. Inform. Systems (2009) 18(2):140–150Crossref, Google Scholar
- The role of external influences on organizational information security practices: An institutional perspective. 39th Hawaii Internat. Conf. System Sci. (2006) (IEEE Computer Society Press, Los Alamitos, CA) 1–10Google Scholar
- The role of external influences on organizational information security practices: An institutional perspective. J. Strategic Inform. Systems. (2007) 16(2):153–172Crossref, Google Scholar
- Reading Statistics and Research (1974) (Harper-Collins, New York) Google Scholar
- Electronic data interchange and small organizations: Adoption and impact of technology. MIS Quart. (1995) 19(4):465–485Crossref, Google Scholar
- Leveraging collective intellect by building organizational capabilities. Expert Systems Appl. (1997) 13(1):29–40Crossref, Google Scholar
- Security threats to Internet: A Korean multi-industry investigation. Inform. Management (2001) 38(8):487–498Crossref, Google Scholar
- TQM and a managerial innovation: Research issues and implications. Health Services Management Rev. (1993) 6(2):78–88Crossref, Google Scholar
- An integrative study of information systems security effectiveness. Internat. J. Inform. Management (2003) 23(2):139–154Crossref, Google Scholar
- Why there are not more information security research studies. Inform. Management (2004) 41(5):597–607Crossref, Google Scholar
- An examination of factors contributing to South Korea's global leadership in broadband adoption. Telematics Informatics (2005) 22(4):349–359Crossref, Google Scholar
- Assimilation of enterprise systems: The effect of institutional pressures and the mediating role of top management. MIS Quart. (2007) 31(1):59–87Crossref, Google Scholar
- Positioning the institutional perspective in information systems research. J. Inform. Tech. (2009) 24(4):369–391Crossref, Google Scholar
- Qualitative Data Analysis (1994) (Sage Publications, Thousand Oaks, CA) Google Scholar
- Three types of perceived uncertainty about the environment: State, effect, and response uncertainty. Acad. Management Rev. (1987) 12(1):133–143Crossref, Google Scholar
- Professional versus political contexts: Institutional mitigation and the transaction cost heuristic in information systems outsourcing. MIS Quart. (2006) 30(3):725–753Crossref, Google Scholar
- Development of an instrument to measure the perceptions of adopting an information technology innovation. Inform. Systems. Res. (1991) 2(3):192–222Link, Google Scholar
- Strategic response to institutional processes. Acad. Management Rev. (1991) 16(1):145–179Crossref, Google Scholar
- , Yoo Y., Lee J.-N., Rowley C. Mobile business in Korea. Trends in Mobile Technology and Business in the Asia-Pacific Region (2008) (Chandos Publishing, Oxford, UK) 109–126Crossref, Google Scholar
- Review essay: Overboard with myth and symbols. Amer. J. Sociol. (1985) 91(1):51–55Crossref, Google Scholar
- Organization and Organizational Theory (1982) (Pitman, Boston) Google Scholar
- The External Control of Organizations: A Resource Dependence Perspective (1978) (Harper & Row, New York) Google Scholar
- Security cultures in organizations: A theoretical model. Americas Conf. Inform. Systems (2006) Acapulco, MexicoGoogle Scholar
- Choice and chance: A conceptual model of paths to information security compromise. Inform. Systems. Res. (2009) 20(1):121–139Link, Google Scholar
- CSI Computer Crime and Security Survey: U.S. (2008) (Computer Security Institute, New York) Google Scholar
- Economic determinants of organizational innovation. Admin. Sci. Quart. (1968) 12(4):614–625Crossref, Google Scholar
- The Fishbein extended model and consumer behavior. J. Consumer Res. (1975) 2(2):118–136Crossref, Google Scholar
- Institutions and Organizations (1995) (Sage Publications, London) Google Scholar
- Is it possible to force firms to have CISOs? (2009) . CIO Biz (September 27), http://www.ciobiz.co.kr/news/articleView.html?idxno=1114. [In Korean.]Google Scholar
- An analysis of the traditional IS security approaches: Implications for research and practice. Eur. J. Inform. Systems (2005) 14(3):303–315Crossref, Google Scholar
- Six design theories for IS security policies and guidelines. J. Assoc. Inform. Systems (2006) 7(7):445–472Google Scholar
- A critical assessment of IS security research between 1990–2004. Proc. 15th Eur. Conf. Inform. Systems (2007) St. Gallen, Switzerland:1551–1559Google Scholar
- How low should you go? Low response rates and the validity of inference in IS survey research. J. Assoc. Inform. Systems (2006) 7(6):351–411Google Scholar
- Organizational buyers' adoption and use of B2B electronic marketplaces: Efficiency—And legitimacy-oriented perspectives. J. Management Inform. Systems (2007) 24(1):55–99Crossref, Google Scholar
- Coping with systems risk: Security planning models for management decision-making. MIS Quart. (1998) 22(4):441–469Crossref, Google Scholar
- , Straub D., Goodman S., Baskerville R. Framing of information security and practices. Information Security Policies, Processes and Practices (2008) (M. E. Sharpe, Armonk, NY) 5–12Google Scholar
- The diffusion of an administrative innovation. Management Sci. (1980) 26(5):464–470Link, Google Scholar
- Predicting intention to adopt interorganizational linkage: An institutional perspective. MIS Quart. (2003) 27(1):19–49Crossref, Google Scholar
- The effect of certification with the ISO 9000 quality management standard: A singaling approach. J. Econom. Behav. Organ. (2006) 60(4):579–602Crossref, Google Scholar
- Mimetic isomorphism and technology evaluation: Does limitation transcend judgment? J. Assoc. Inform. Systems (2002) 3(5):113–143Google Scholar
- A theoretical extension of the technology acceptance model: Four longitudinal field studies. Management Sci. (2000) 46(2):186–205Link, Google Scholar
- The adoption of corporate governance mechanism: A test of competing diffusion models. Management Sci. (1994) 40(4):496–507Link, Google Scholar
- Assimilation it innovation: The longitudinal effects of institutionalization and resource dependence. Proc. Internat. Conf. Inform. Systems (2008) ParisGoogle Scholar
- The diffusion and use of institutional theory: A cross-disciplinary longitudinal literature survey. J. Inform. Tech. (2009) 24(4):1–15Crossref, Google Scholar
- Customization or conformity? An institutional and network perspective on the content and consequences of TQM adoption. Admin. Sci. Quart. (1997) 42(2):366–394Crossref, Google Scholar
- In defences of the realm: Understanding the threats to information security. Internat. J. Inform. Management (2004) 24(1):43–47Crossref, Google Scholar
- Using information security to achieve competitive advantage. Comput. Security (1991) 10(5):399–404Crossref, Google Scholar
- Innovations and Organizations (1973) (John Wiley & Sons, New York) Google Scholar
- The process of innovation assimilation by firms in different countries: A technology diffusion perspective on e-business. Management Sci. (2006) 52(10):1557–1576Link, Google Scholar
- Interim report of the committee on capital markets regulation. (2006) . Report, Committee on Capital Markets Regulation, Washington, DCGoogle Scholar
- Resource dependence and institutional elements in nursing home TQM adoption. HSR: Health Services Res. (1998) 33(2):261–273Google Scholar
- Diffusion of modern software practices: Influence of centralization and formalization. Management Sci. (1982) 28(12):1421–1431Link, Google Scholar

