Document Type : Research Paper

Authors

1 Faculty Member, Department of Computer Engineering, Ferdowsi University of Mashhad, Mashhad. (Corresponding Author: hosseini@um.ac.ir)

2 PhD student , Information Technology Management, Ferdowsi University of Mashhad, Mashhad.

Abstract

 
This study addresses the security of information systems (ISS) as one of the most important issues in organizations and especially municipalities. Instead of exceptions, information security breaches have become a norm, and security of information systems can only be realized when employees completely accept this concept by changing their behavior in line with advanced information security systems. The model of this research is based on institutional theory. This two-way model has introduced organizational citizenship behavior (OCB) and counterproductive work behavior (CWB) in the process of verifying the security of the information system. This research also measures the impact of innovative culture on the information security system. The statistical population of the study consisted of Mashhad Municipal Information Technology experts and data collection tool was a questionnaire. The data support mainly the proposed research model and the results indicate the application of institutional theory in explaining the process of institutionalizing the changes in the security of the information system on the innovative culture of the organization, legitimizing and accepting those changes, and increasing organizational citizenship behavior (reduction of counterproductive work behavior) in employees Which, in the end, will increase the effectiveness of the security of the information system.
 
 
 

Keywords

نعمتیان، سیدمحمد .(1394). جایگاه واهمیت امنیت اطلاعات در شهرداری الکترونیک. دوماهنامه شهرنگار، شماره 70-71.
مشبکی اصفهانی، اصغر؛ خدامی سهیلا و تقوی شوازی، الهه .(1389). نظریه نهادی نوین تلفیقی و نقش آن در کسب مزیت رقابتی. پژوهشنامه مدیریت اجرایی، 10(1). 174-149
وظیفه، زهرا؛ مهدی، محمد و وکیلی، نادیا .(1397). الگوی امکان‌سنجی و استقرار اثربخش سیستم مدیریت امنیت اطلاعات بر مبنای روش فراترکیب. مطالعات مدیریت کسب‌وکار هوشمند 7(26)،99-71.
Ashworth, R., Boyne, G. & Delbrige, R. (2009). Escape from the iron cage? Organizational change and isomorphic pressures in the public sector. J. Public Adm. Res. Theory, 19, 165–187.
Bjorck, F. (2004). Institutional Theory: A New Perspective for Research into IS/IT Security in Organisations. In Proceedings of the 37th Hawaii International Conference on System Sciences, Big Island, Hawaii, 5–8 January.
Bulgurcu, B., Cavusoglu, H., Benbasat, I. (2010). Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. (2010). MIS Q. 34, 523–548
Bateman, T. & Organ, D. (1983). "Job Satisfaction And The Good Soldier: The Relationship Between Affect And Employee Citizenship", Academy Of Management Journal, 26(4).
Bergström, O., Styhre, A., Thilander, P. (2014). Paradoxifying organizational change: Cynicism and resistance in the Swedish armed forces. J. Chang. Manag, 14, 384–404
Band, S.R., Cappelli, D.M., Fischer, L.F., Moore, A.P., Shaw, E.D., Trzeciak, R.F. (2006). Comparing Insider IT Sabotage and Espionage: A Model-Based Analysis, Technical Report CMU/SEI-2006-TR-026, ESC-TR-2006-091, Defense Technical Information Center: Fort Belvoir, VA, USA
Choi, M., Lee, J., Hwang, K. (2018). Information Systems Security (ISS) of E-Government for Sustainability: A Dual Path Model of ISS Influenced by Institutional Isomorphism. Sustainability, 10, 1555.
Coursey, D., Norris, D.F.(2008). Models of E-government: Are they correct? An empirical assessment. Public Adm. Rev. 68, 523–536
Currie, W.L. (2012). Institutional isomorphism and change: The national programme for IT—10 years on. J. Inf. Technol. 27, 236–248.
Dalal, R.S. (2005). A meta-analysis of the relationship between organizational citizenship behavior and counterproductive work behavior. Am. Psychol. Assoc. 2005, 90, 1241–1255. [CrossRef] [PubMed]
DiMaggio, P.J., Powell, W.W. (1983). The iron cage revisited: Institutional isomorphism and collective rationality in organizational fields. Am. Sociol. Rev. 1983, 48, 147–160
Evans, W.R., Novicevic, M.M. (2010). Legitimacy of HRM practices: Managerial perceptions of economic and normative value. J. Appl. Manag. Entrep. 15, 13–27
Feng, N., Wang, H.J., Li, M. (2014). A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis. Inf. Sci. 25
Hagen, J.M., Albrechtsen, E., Hovden, J. (2008). Implementation and effectiveness of organizational information security measures. Inf. Manag. Secur. 16, 377–397.
Hill, L.B. Pemberton, J.M. (1995). Information security: An overview and resource guide for information managers. Rec. Manag. Q., 29, 14–24
Hsieh, P. J. (2016). An empirical investigation of patients’ acceptance and resistance toward the health cloud: The dual factor perspective. Computers in Human Behavior, 63, 959-969
Hu, Q., Hart, P., Cooke, D. (2007). The role of external and internal influences on information systems security—A neo-institutional perspective. J. Strateg. Inf. Syst. 2007, 16, 153–172
Hu, Q., Hart, P., Cooke, D. (2006). The Role of External Influences on Organizational Information Security Practices: An Institutional Perspective. In Proceedings of the Annual Hawaii International Conference on System Sciences, Kauai, Hawaii, 4–7 January, Volume 6, pp. 1–10.
Hwang, K., & Choi, M. (2017). Effects of innovation-supportive culture and organizational citizenship behavior on e-government information system security stemming from mimetic isomorphism.Government Information Quarterly, 34(2), 183–198
Joshi, K.(1991). A model of users’ perspective on change: The case of information systems technology implementation. MIS Q., 15, 229–242
Knapp, K. J., Marshall, T. E., Rainer, R. K., Jr., & Ford, F. N. (2007). Information security effectiveness: Conceptualization and validation of a theory. International Journal of Information Security and Privacy, 1(2), 37–60.
Ke, W., Wei, K.K. (2008). Organizational culture and leadership in ERP implementation. Decis. Support Syst. 45, 208–218.
Kokolakis S.A. Demopoulos A.J. Kiountouzis E.A. (2000). The use of business process modelling in information systems security analysis and design", Information Management & Computer Security, Vol. 8 Iss 3 pp. 107 – 116
Kotter, J.P. (2007). Leading change: Why transformation efforts fail. Harv. Bus. Rev, 85, 96–103.
Lavy, S., & Littman-Ovadia, H. (2017). My Better Self: Using Strengths at Work and Work Productivity, Organizational Citizenship Behavior, and Satisfaction. Journal of Career Development, 44(2), 95–109.
Leiter, J. (2005). Structural isomorphism in Australian nonprofit organizations. Int. J. Volunt. Nonprofit Org, 16, 1–31
Larsson, H., & Grönlund, Å. (2016). Sustainable eGovernance? Practices, problems and beliefs about the future in Swedish eGov practice. Government Information Quarterly, 33(1), 105–114
Markus, M.L (1983). Power, politics, and MIS implementation. Commun. ACM, 26, 430–444
Martinko, M.J., Gundlach, M.J., Douglas, S.C. (2002). Toward an integrative theory of counterproductive workplace behavior: A causal reasoning perspective. Int. J. Sel. Assess. 10, 36–50
Marcus, B., Schuler, H. (2004). Antecedents of counterproductive behavior at work: A general perspective. J. Appl. Psychol. 89, 647–660
Merhi, M.I., & Ahluwalia, P. (2015). Top management can lower resistance toward information security compliance. Proceedings of International Conference on Information Systems, Fort Worth, Texas.
National Security Institute. (2009). Cyber Security: Keeping Up with the Threat, National Security Institute: Medway, MA, USA, 6, 57–73.
Nazareth, D.L., Choi, J. (2015). A system dynamics model for information security management. Inf. Manag.52, 123–134
Nikrerk J.F. and Solms, Van.(2017). Information security culture: a management perspective. Computer & security, 5, 142-144.
Organ, D.W. (1988). Organizational Citizenship Behavior: The Good Soldier Syndrome, Lexington Books/D. C. Heath and Co.: Lexington, MA, USA
PricewaterhouseCoopers. (2013). Key Findings from the 2013 US State of Cybercrime Survey, PricewaterhouseCoopers: Delaware, DE, USA,
Pavlou, P.A., Fygenson, M. (2006). Understanding and predicting electronic commerce adoption: An extension of the theory of planned behavior. MIS Q. 30, 115–143.54.
Reichers, A.E., Wanous, J.P., Austin, J.T. (1997). Understanding and managing cynicism about organizational change. Acad. Manag. Exec. 11, 48–59.
Sen, S., & Samanta, S. (2014). Information security.International Journal of InnovativeResearch in Technology, 1(11), 224–231.
Seo, M., Creed, W.D. (2002). Institutional contradictions, praxis, and institutional change: A dialectical perspective. Acad. Manag. Rev. 2002, 27, 222–247.
Scott, W.R. Institutions and Organizations, 2nd ed., Sage: Thousand Oaks, CA, USA, 2001
Sun, P.L., Ku, C.Y., Shih, D.H. (2015). An implementation framework for E-government 2.0. Telemat. Inform, 32, 504–520
Sharma, U., Lawrence, S., Lowe, A. (2010). Institutional contradiction and management control innovation: A field study of total quality management practices in a privatized telecommunication company. Manag. Account. Res 21, 251–264
Turban E. Leidner, McLean E. Wetherbe J.(2018), Informationtechnology for management, New York: John Willy and Sons.
Turel, Ofir & Xu, Zhengchuan & Guo, Ken. (2017). Organizational Citizenship Behavior Regarding Security: Leadership Approach Perspective. Journal of Computer Information Systems. 1-15. 10.1080/08874417.2017.1400928.
Vahidi, A, kakavand, S, Tarokh, M. (2014). The influence of Organizational Citizenship Behavior on Information Security Behaviors. International Journal of Information and Communication Technology Research, March, Volume 4 No. 3
Wanous, J.P., Reichers, A.E., Austin, J.T. (2000). Cynicism about organizational change measurement, antecedents, and correlates. Group Org. Manag, 25, 132–153
Waring, B. (2009). Displaced Pride: Attacking Cynicism at the United States Air Force Academy. A Research Report, Air Command and Staff College Air University, Maxwell Air Force Base: Montgomery, AL, USA
Yang, Jun & Treadway, Darren. (2018). A Social Influence Interpretation of Workplace Ostracism and Counterproductive Work Behavior. Journal of Business Ethics. 148.
Yen, H.R., Li, E.Y., Niehoff, B.P. (2008). Do organizational citizenship behaviors lead to information system success? Testing the mediation effects of integration climate and project management. Inf. Manag. 45, 394–402.