Inter-organisational information security: a systematic literature review

Purpose The purpose of this paper is to survey existing inter-organisational information security research to scrutinise the kind of knowledge that is currently available and the way in which this knowledge has been brought about. Design/methodology/approach The results are based on a literature review of inter-organisational information security research published between 1990 and 2014. Findings The authors conclude that existing research has focused on a limited set of research topics. A majority of the research has focused management issues, while employees’/non-staffs’ actual information security work in inter-organisational settings is an understudied area. In addition, the majority of the studies have used a subjective/argumentative method, and few studies combine theoretical work and empirical data. Research limitations/implications The findings suggest that future research should address a broader set of research topics, focusing especially on employees/non-staff and their use of processes and technology in inter-organisational settings, as well as on cultural aspects, which are lacking currently; focus more on theory generation or theory testing to increase the maturity of this sub-field; and use a broader set of research methods. Practical implications The authors conclude that existing research is to a large extent descriptive, philosophical or theoretical. Thus, it is difficult for practitioners to adopt existing research results, such as governance frameworks, which have not been empirically validated. Originality/value Few systematic reviews have assessed the maturity of existing inter-organisational information security research. Findings of authors on research topics, maturity and research methods extend beyond the existing knowledge base, which allow for a critical discussion about existing research in this sub-field of information security.

Download Full-text

The hunt for computerized support in information security policy management

Information and Computer Security ◽

10.1108/ics-07-2019-0079 ◽

2020 ◽

Vol 28 (2) ◽

pp. 215-259 ◽

Cited By ~ 1

Author(s):

Elham Rostami ◽

Fredrik Karlsson ◽

Ella Kolkowska

Keyword(s):

Information Security ◽

Research Methods ◽

Security Policy ◽

Critical Discussion ◽

Future Research ◽

Management Process ◽

Management Research ◽

Information Security Policy ◽

Content Type ◽

Literature Reviews

Purpose The purpose of this paper is to survey existing information security policy (ISP) management research to scrutinise the extent to which manual and computerised support has been suggested, and the way in which the suggested support has been brought about. Design/methodology/approach The results are based on a literature review of ISP management research published between 1990 and 2017. Findings Existing research has focused mostly on manual support for managing ISPs. Very few papers have considered computerised support. The entire complexity of the ISP management process has received little attention. Existing research has not focused much on the interaction between the different ISP management phases. Few research methods have been used extensively and intervention-oriented research is rare. Research limitations/implications Future research should to a larger extent address the interaction between the ISP management phases, apply more intervention research to develop computerised support for ISP management, investigate to what extent computerised support can enhance integration of ISP management phases and reduce the complexity of such a management process. Practical implications The limited focus on computerised support for ISP management affects the kind of advice and artefacts the research community can offer to practitioners. Originality/value Today, there are no literature reviews on to what extent computerised support the ISP management process. Findings on how the complexity of ISP management has been addressed and the research methods used extend beyond the existing knowledge base, allowing for a critical discussion of existing research and future research needs.

Download Full-text

Information security culture – state-of-the-art review between 2000 and 2013

Information and Computer Security ◽

10.1108/ics-05-2014-0033 ◽

2015 ◽

Vol 23 (3) ◽

pp. 246-285 ◽

Cited By ~ 27

Author(s):

Fredrik Karlsson ◽

Joachim Åström ◽

Martin Karlsson

Keyword(s):

Information Security ◽

Research Methods ◽

State Of The Art ◽

Assessment Tools ◽

Future Research ◽

Research Topics ◽

Content Type ◽

Security Culture ◽

Systems Research ◽

Information Security Culture

Purpose – The aim of this paper is to survey existing information security culture research to scrutinise the kind of knowledge that has been developed and the way in which this knowledge has been brought about. Design/methodology/approach – Results are based on a literature review of information security culture research published between 2000 and 2013 (December). Findings – This paper can conclude that existing research has focused on a broad set of research topics, but with limited depth. It is striking that the effects of different information security cultures have not been part of that focus. Moreover, existing research has used a small repertoire of research methods, a repertoire that is more limited than in information systems research in general. Furthermore, an extensive part of the research is descriptive, philosophical or theoretical – lacking a structured use of empirical data – which means that it is quite immature. Research limitations/implications – Findings call for future research that: addresses the effects of different information security cultures; addresses the identified research topics with greater depth; focuses more on generating theories or testing theories to increase the maturity of this subfield of information security research; and uses a broader set of research methods. It would be particularly interesting to see future studies that use intervening or ethnographic approaches because, to date, these have been completely lacking in existing research. Practical implications – Findings show that existing research is, to a large extent, descriptive, philosophical or theoretical. Hence, it is difficult for practitioners to adopt these research results, such as frameworks for cultivating or assessment tools, which have not been empirically validated. Originality/value – Few state-of-the-art reviews have sought to assess the maturity of existing research on information security culture. Findings on types of research methods used in information security culture research extend beyond the existing knowledge base, which allows for a critical discussion about existing research in this sub-discipline of information security.

Download Full-text

Internet marketing research in hospitality and tourism: a review and journal preferences

International Journal of Contemporary Hospitality Management ◽

10.1108/ijchm-05-2014-0268 ◽

2015 ◽

Vol 27 (7) ◽

pp. 1556-1572 ◽

Cited By ~ 25

Author(s):

Xi Yu Leung ◽

Lan Xue ◽

Billy Bai

Keyword(s):

Literature Review ◽

Correspondence Analysis ◽

Marketing Research ◽

Internet Marketing ◽

Future Research ◽

Research Topics ◽

Content Type ◽

Customer Perspective ◽

Hospitality And Tourism ◽

Hospitality Managers

Purpose – The purpose of this study is to provide a progress review of published Internet marketing research within the top eight hospitality and tourism journals and to provide suggestions on future research directions. Design/methodology/approach – The study collected 331 Internet marketing-related articles published in the top eight hospitality and tourism journals during the period of 1996-2013. Using content analysis, the study analyzed and discussed research topics, research methods and industry sectors of selected articles. The study period was broken into three sub-periods and used correspondence analysis (CA) to examine the significant changes of topical areas over time. A follow-up CA was conducted to compare the topical and methodological preferences of the selected eight journals. Findings – In all, 5-category and 27-subcategory classifications of research topics were identified in the study. The two-dimensional perceptual map indicates that Internet marketing research in the hospitality and tourism fields experienced introduction, growth and maturity stages. The research focus changed from business perspective to customer perspective and then to both business and customer perspectives. The eight top hospitality and tourism journals were grouped into four journal sets that share similar article characteristics and preferences. Research limitations/implications – Due to the sample size, the classifications and trends generated in this study may not be generalized to all Internet marketing research in hospitality and tourism disciplines. The process of identifying topic and method categories might be biased, especially in identifying new topics. Future research may apply CA method in literature review studies on other research topics. Practical implications – The study analyzed published research in Internet marketing in the hospitality and tourism fields and provided topical and methodological recommendations to academia for future research. This study may also give hospitality managers new insights into Internet marketing applications in the industry. Originality/value – This study is one of the few attempts to provide a comprehensive review of Internet marketing research in the hospitality and tourism fields. This study uses CA in literature review study, opening up a new way to easily analyze and visually display the literature trends. This study also creatively compared the publication preferences among eight top-tier hospitality and tourism journals using correspondence analysis.

Download Full-text

Ambidextrous leadership: a narrative literature review for theory development and directions for future research

Baltic Journal of Management ◽

10.1108/bjm-01-2021-0001 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Dimitrios Kafetzopoulos

Keyword(s):

Literature Review ◽

Theory Development ◽

Critical Discussion ◽

Leadership Theory ◽

Future Research ◽

Research Gaps ◽

Content Type ◽

Narrative Literature ◽

Narrative Literature Review ◽

Ambidextrous Leadership

PurposeThis study seeks to provide a narrative literature review of existing empirical research, in order to better understand the processes and theory of ambidextrous leadership, as well as its influence on followers, employees and organizations.Design/methodology/approachData from 26 studies were extracted and synthesied providing a critical discussion about the methodological and theoretical aspects of the studies identified in the review.FindingsIt was revealed the attributes for an effective ambidextrous leader, it was presented the recently proposed concept of ambidextrous leadership theory and it was noticed the main criticisms against the findings of the extant ambidextrous leadership literature. It was also identified many research gaps in the literature which in turn can guide academics in the development of ambidextrous leadership.Research limitations/implicationsThe ambidextrous leadership theory represents a novel and unique approach to the domain of leadership for creativity and innovation. It is shared across hierarchical levels throughout the organization. Leaders have a significant effect on employees' behaviors and should determine its applicability to different situations. Organizations require ambidextrous managers who combine flexible, situational and versatile leadership styles developing ever increasingly new and divergent ideas. Many research gaps in the literature were also identified that can guide academics in the development of ambidextrous leadership.Practical implicationsUnderstanding that ambidextrous leadership is required to significantly influence ambidexterity and innovation allows organizations to direct their leadership selection and development.Originality/valueThis review contributes to the ambidextrous leadership literature by creating a holistic picture of where it has been and where it should go.

Download Full-text

Metaphors we manage and develop quality by

International Journal of Quality and Service Sciences ◽

10.1108/ijqss-04-2019-0060 ◽

2020 ◽

Vol 12 (4) ◽

pp. 405-416

Author(s):

Johan Lilja ◽

Pernilla Ingelsson ◽

Kristen Snyder ◽

Ingela Bäckström ◽

Christer Hedlund

Keyword(s):

Quality Management ◽

Literature Review ◽

Design Methodology ◽

Dynamic Properties ◽

Critical Role ◽

Critical Discussion ◽

Future Research ◽

Content Type ◽

Selection Of

Purpose Metaphors are a powerful and human way of understanding and experiencing one kind of thing in terms of another. In quality management (QM), several metaphors are used to describe and bring to life the often-abstract QM concepts and systems. These metaphors are of great importance for how QM is understood, communicated and practiced. However, the metaphors of QM have seldom been systematically screened or put in focus, neither the topic of a critical discussion. The purpose of this paper is hence to contribute with a screening of the metaphors currently used, within QM literature and in practice among QM leaders, and then elaborate on their potential for improvement and development. Design/methodology/approach The paper is based on a literature review combined with interviews of QM leaders. Findings The paper highlights that the current QM metaphors provide intuitive associations to properties such as stability, shelter, and structure, but not to the important dynamic properties of QM, such as learning, or to the critical role of people in QM. What can be seen as core properties of QM are communicated by texts or labels added on to metaphors with properties that often are in sharp contrast to them. The paper also provides suggestions for further improvements and development. Originality/value The paper highlights the area of metaphors within QM as an important area for future research. It also provides insights concerning the successful use and selection of metaphors in future QM practice.

Download Full-text

Omni-channel retailing in supply chains: a systematic literature review

Benchmarking An International Journal ◽

10.1108/bij-10-2020-0547 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Syed Asif Raza ◽

Srikrishna Madhumohan Govindaluri

Keyword(s):

Network Analysis ◽

Literature Review ◽

Citation Network ◽

Current Status ◽

Future Research ◽

Research Topics ◽

Content Type ◽

Network Analyses ◽

Citation Network Analysis ◽

Key Aspects

PurposeThe purpose of this paper is to conduct a structured literature review using advanced bibliometric tools to understand the existing knowledge base, understand the trends in omni-channel (OC) research and identify emerging research topics.Design/methodology/approachMore than 500 articles selected through a keyword combination search from reputed databases of peer-reviewed academic sources from period 2009–19 are analyzed for the purposes of this study. The study first presents an exploratory analysis to determine influential authors, sources and regions, among other key aspects. Second, several network analyses including co-citation and dynamic co-citation network analyses are conducted to identify themes. These allow identifying research clusters and emerging research topics algorithmically. Both centrality and modularity-based clustering are employed. A content analysis of the most influential groups within OC literature for each cluster is included.FindingsThe findings of this paper make unique contributions by using advanced tools from network analysis along with the standard bibliometric analysis tools to explore the current status of OC research, identify existing themes and the guidance for potential areas of future research interest in OC.Practical implicationsThis research provides a comprehensive view of the range of topics of importance that have been discussed in the literature of OC management. These research trends can serve as a quick guide to researchers and practitioners to improve decision making and also develop strategies.Originality/valueThe paper employs advanced tools for the first time to review the literature of OC retailing. The sophisticated tools include co-citation and dynamic co-citation network analysis.

Download Full-text

Organizational-level visual identity: an integrative literature review

Corporate Communications An International Journal ◽

10.1108/ccij-06-2021-0068 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Magnus Kristian Gregersen ◽

Trine Susanne Johansen

Keyword(s):

Literature Review ◽

Design Methodology ◽

Critical Discussion ◽

Brand Identity ◽

Organizational Level ◽

Future Research ◽

Content Type ◽

Extant Literature ◽

Visual Identity ◽

Practical Implications

PurposeThe aim is to review and discuss main conceptualizations, themes and assumptions within organizational-level visual identity (VI) in order to identify potential avenues of theoretical advancement of VI as an independent construct.Design/methodology/approachAn integrative review approach offers a structured, nuanced perspective on the concept by synthesizing extant literature through an iterative, critical and qualitative process.FindingsThe synthesis identifies three overlapping terms [corporate visual identity (CVI), visual brand identity (VBI) and VI] and two main themes (visual consistency and authenticity). The dominant assumptions underpinning consistency and authenticity are challenged by alternative understandings, which provide a platform for perceiving visual consistency and authenticity in new ways.Research limitations/implicationsThe review offers an overview of organizational-level VI that helps define the concept as well as critical reflections which open up for additional research avenues that may develop it and point to potential areas for exploration.Practical implicationsThe review provides practitioners with a platform for discussing how to approach visual identities with regards to consistency and authenticity.Originality/valueThe review contributes with a synthesis of VI literature covering 50 years. It offers a structured presentation of and critical discussion on the underlying, dominant assumptions. By challenging these dominant assumptions, a palette of future research opportunities, with potentials to nuance and develop the concept as a unique construct, are presented.

Download Full-text

Information security

Information Management & Computer Security ◽

10.1108/imcs-05-2013-0041 ◽

2014 ◽

Vol 22 (3) ◽

pp. 279-308 ◽

Cited By ~ 13

Author(s):

Mario Silic ◽

Andrea Back

Keyword(s):

Information Security ◽

Literature Review ◽

Future Research ◽

Future Directions ◽

Research Directions ◽

Content Type ◽

Current Trends ◽

Future Research Directions ◽

New Research ◽

Practical Implications

Purpose – The purpose of this literature review is to analyze current trends in information security and suggest future directions for research. Design/methodology/approach – The authors used literature review to analyze 1,588 papers from 23 journals and 5 conferences. Findings – The authors identified 164 different theories used in 684 publications. Distribution of research methods showed that the subjective-argumentative category accounted for 81 per cent, whereas other methods got very low focus. This research offers implications for future research directions on information security. They also identified existing knowledge gaps and how the existing themes are studied in academia. Research limitations/implications – The literature review did not include some dedicated security journals (i.e. Cryptography). Practical implications – The study reveals future directions and trend that the academia should consider. Originality/value – Information security is top concern for organizations, and this research analyzed how academia dealt with the topic since 1977. Also, the authors suggest future directions for research suggesting new research streams.

Download Full-text

From output to outcome measures in the public sector: a structured literature review

International Journal of Organizational Analysis ◽

10.1108/ijoa-09-2018-1523 ◽

2019 ◽

Vol ahead-of-print (ahead-of-print) ◽

Cited By ~ 4

Author(s):

Francesca Dal Mas ◽

Maurizio Massaro ◽

Rosa Lombardi ◽

Andrea Garlatti

Keyword(s):

Public Sector ◽

Literature Review ◽

Research Methods ◽

Outcome Measures ◽

Current Literature ◽

Business Schools ◽

Future Research ◽

Content Type ◽

The Public ◽

Structured Literature Review

Purpose The purpose of this paper is to perform an analysis of the current literature providing a deep contribution to understanding the paradigm shift from output to outcome measures in the public sector. Thus, the main aim is to provide relevant insights of both theoretical and empirical studies, offering a critique of the schemes and the research methods used and underlining future research opportunities for the compelling (or underestimated) contents and new emerging trends. Design/methodology/approach Articles published in main public management and administration journals, as internationally recognized, are analyzed using a structured literature review methodology. The paper investigates selected contributions published in Association of Business Schools (ABS) (Chartered Association of Business Schools – UK] Grade 4, 3 and 2 journals specializing in the field of “Public Sector Management,” dealing with the topic of performance measurement, from output to outcome. Findings Findings are described defying a framework that deepens emerging elements of current literature such as main countries analyzed, main research topics highlighted, research methods applied (qualitative versus quantitative; case studies, interviews, comparative studies etc.), different definitions of “output” and “outcome,” top keywords and their connections. Originality/value The paper’s findings aim to offer insights and a current “shared vision” into the state of the art and possible future research avenues on the topic of output and outcome measures in the public sector fostering the development of further studies especially in the direction of sustainability.

Download Full-text

The ISO/IEC 27001 information security management standard: literature review and theory-based research agenda

The TQM Journal ◽

10.1108/tqm-09-2020-0202 ◽

2021 ◽

Vol 33 (7) ◽

pp. 76-105

Author(s):

Giovanna Culot ◽

Guido Nassimbeni ◽

Matteo Podrecca ◽

Marco Sartor

Keyword(s):

Information Security ◽

Literature Review ◽

Research Agenda ◽

Social Systems ◽

Interdisciplinary Studies ◽

Future Research ◽

Content Type ◽

Academic Knowledge ◽

Emerging Issues ◽

Iec 27001

PurposeAfter 15 years of research, this paper aims to present a review of the academic literature on the ISO/IEC 27001, the most renowned standard for information security and the third most widespread ISO certification. Emerging issues are reframed through the lenses of social systems thinking, deriving a theory-based research agenda to inspire interdisciplinary studies in the field.Design/methodology/approachThe study is structured as a systematic literature review.FindingsResearch themes and sub-themes are identified on five broad research foci: relation with other standards, motivations, issues in the implementation, possible outcomes and contextual factors.Originality/valueThe study presents a structured overview of the academic body of knowledge on ISO/IEC 27001, providing solid foundations for future research on the topic. A set of research opportunities is outlined, with the aim to inspire future interdisciplinary studies at the crossroad between information security and quality management. Managers interested in the implementation of the standard and policymakers can find an overview of academic knowledge useful to inform their decisions related to implementation and regulatory activities.

Download Full-text