Project Commitment in the Context of Information Security

Project Commitment in the Context of Information Security

Ioannis Koskosas (University of Western Macedonia, Greece) and Nikolaos Sariannidis (Technological Education Institute of Western Macedonia, Greece)
DOI: 10.4018/jitpm.2011070102
OnDemand PDF Download:
No Current Special Offers


This research investigates the role of project commitment in the context of information systems security. In doing so, the research adopts a psychological point of view by exploring and discussing the concept of project commitment in setting information security goals. Information security can be viewed as the efficient control of uncertainty arising from malicious acts intended to exploit valuable assets, and in the context of information systems the valuable assets under consideration are data. Data were collected by using an interpretive approach through in-depth interviews and observation within a single case study in Greece. The contribution of this research to interpretive information-systems consists of the study of project commitment and goal theory in an information security-management context, and its grounding within an interpretive epistemology. Ultimately, this research promotes an interdisciplinary and interorganizational theory that fosters a dialogue transcending industry-specific contexts and explores different management practices that can improve security project commitment and management in its real life context.
Article Preview

Brief Organizational Information Security Background

Although a number of IS security approaches have been developed over the years that reactively minimize security threats such as checklists, risk analysis and evaluation methods, there is a need to establish mechanisms to proactively manage IS security. That said, academics’ and practitioners’ interest has turned on social and organizational factors that may have an influence on IS security development and management. For example, Orlikowski and Gash (1994) have emphasized the importance of understanding the assumptions and values of different stakeholders to successful IS implementation. Such values have also been considered important in organizational change (Simpson & Wilson, 1999), in security planning (Straub & Welke, 1998) and in identifying the values of internet commerce to customers (Keeney, 1999).

Dhillon and Torkzadeh (2006) have also used the value-focused thinking approach to identify fundamental and mean objectives, as opposed to goals, that would be a basis for developing IS security measures. These value-focused objectives were more of the organizational and contextual type.

Complete Article List

Search this Journal:
Open Access Articles
Volume 13: 4 Issues (2022): 1 Released, 3 Forthcoming
Volume 12: 4 Issues (2021)
Volume 11: 4 Issues (2020)
Volume 10: 4 Issues (2019)
Volume 9: 4 Issues (2018)
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing