Power Relationships in Information Systems Security Policy Formulation and Implementation

Authors

M Lapke, Virginia Commonwealth UniversityFollow
Gaurpreet Dhillon, Virginia Commonwealth UniversityFollow

Abstract

This research argues that organizational power impacts the development and implementation of

Information Systems (IS) Security policy. The study was conducted via an in depth case study at the IT

department within a large financial organization in the United States. The theoretical foundation for the

research was based was Clegg’s (2002) Circuits of Power. A conceptual framework was created

utilizing Circuits of Power. This was used to study power relationships and how they might affect the

formulation and implementation of IS Security policy in this organization. The case study demonstrated

that power relationships have a clear impact on the IS security policy process. Though there is a strong

security culture at the organization and a well defined set of processes, an improvement in the process

and ensuing security culture is possible by accounting for the effect of power relationships.

Recommended Citation

Lapke, M and Dhillon, Gaurpreet, "Power Relationships in Information Systems Security Policy Formulation and Implementation" (2008). ECIS 2008 Proceedings. 119.
https://aisel.aisnet.org/ecis2008/119