Institutional pressures and internal security needs assessment (ISNA) significantly explain the variation in organizational investment in ISCR. Specifically, coercive and normative pressures are found to have not only a direct impact but also an indirect impact through ISNA on organizational investment in ISCR.
| Construct | Cites | Category | Questions given? | Content validity | Pretests | Response type | Notes |
|---|---|---|---|---|---|---|---|
| Mimetic pressure | NEW | yes | expert review | pilot of 25 | seven-point scales with items anchored with strongly disagree to strongly agree. | ||
| Business partner pressure | NEW | Coercive pressure | yes | expert review | pilot of 25 | seven-point scales with items anchored with strongly disagree to strongly agree. | |
| Government regulation | NEW | Coercive pressure | yes | expert review | pilot of 25 | seven-point scales with items anchored with strongly disagree to strongly agree. | |
| Security investment among partners | NEW | Normative pressure | yes | expert review | pilot of 25 | seven-point scales with items anchored with strongly disagree to strongly agree. | |
| Exposure to security practices | NEW | Normative pressure | yes | expert review | pilot of 25 | seven-point scales with items anchored with strongly disagree to strongly agree. | |
| Information security technologies | NEW | Information security control resources | yes | expert review | pilot of 25 | seven-point scales with items anchored with strongly disagree to strongly agree. | |
| Qualified security personnel | NEW | Information security control resources | yes | expert review | pilot of 25 | seven-point scales with items anchored with strongly disagree to strongly agree. | |
| Security awareness of organizational users | NEW | Information security control resources | yes | expert review | pilot of 25 | seven-point scales with items anchored with strongly disagree to strongly agree. | |
| IT capabilities | Grewal et al., 2001, NEW | yes | expert review | pilot of 25 | seven-point scales with items anchored with strongly disagree to strongly agree. | ||
| Security investment rationale | Chatterjee et al., 2002, NEW | Internal security needs assessment | yes | expert review | pilot of 25 | seven-point scales, anchored with none to very great | |
| Risk analysis | NEW | Internal security needs assessment | yes | expert review | pilot of 25 | seven-point scales, anchored with none to extensively |
Huseyin Cavusoglu, Hasan Cavusoglu, Jai-Yeol Son, and Izak Benbasat. Institutional pressures in security management: Direct and indirect influences on organizational investment in information security control resources. Information & management, 52(4):385–400, 2015.
@article{cavusoglu_institutional_2015,
author = {Cavusoglu, Huseyin and Cavusoglu, Hasan and Son, Jai-Yeol and Benbasat, Izak},
journal = {Information \& management},
number = {4},
pages = {385--400},
shorttitle = {Institutional Pressures in Security Management},
title = {Institutional Pressures in Security Management: {{Direct}} and Indirect Influences on Organizational Investment in Information Security Control Resources},
volume = {52},
year = {2015}
}