Conflict Resolution in an ISO/IEC 27001 Standard Implementation: A Contradiction Management Perspective
| dc.contributor.author | Soliman, Wael | |
| dc.contributor.author | Ojalainen, Anniina | |
| dc.date.accessioned | 2024-03-25T10:09:16Z | |
| dc.date.available | 2024-03-25T10:09:16Z | |
| dc.date.created | 2023-01-19T12:03:38Z | |
| dc.date.issued | 2023 | |
| dc.identifier.citation | Soliman, W. & Ojalainen, A. (2023). Conflict Resolution in an ISO/IEC 27001 Standard Implementation: A Contradiction Management Perspective. Proceedings of the 56th Hawaii International Conference on System Sciences, 4839-4848. https://hdl.handle.net/10125/103223 | en_US |
| dc.identifier.isbn | 978-0-9981331-6-4 | |
| dc.identifier.uri | https://hdl.handle.net/11250/3124039 | |
| dc.description.abstract | The ISO/IEC 27001 standard provides organizations with guidelines to help them evaluate, document, and improve their information security processes. In practice, however, the generality of the standard can create a conflict between its requirements and the adopters’ expectations. To better understand how an organization manages such conflicts, we conduct a case study in a Finnish corporation during the standard’s implementation in one of its units. Two critical conflicts emerged: Conflict I reflects a tension between the standard requirement for disciplinary measures vis-à-vis the organization’s punishment-averse culture. Conflict II reflects a tension between the organization’s aspiration for concrete code reviewing instructions vis-à-vis the lack thereof in the standard. Our findings reveal that whereas the conflict resolution process was similar in managing both conflicts, their content was radically different. Specifically, whereas conflict I’s resolution was paradoxical, conflict II’s resolution was dialectical. We discuss the theoretical and practical implications of our findings. | en_US |
| dc.language.iso | eng | en_US |
| dc.publisher | University of Hawai'i at Manoa | en_US |
| dc.relation.ispartof | Proceedings of the 56thAnnual Hawaii International Conference on System Sciences | |
| dc.relation.uri | https://hdl.handle.net/10125/103223 | |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 Internasjonal | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/4.0/deed.no | * |
| dc.title | Conflict Resolution in an ISO/IEC 27001 Standard Implementation: A Contradiction Management Perspective | en_US |
| dc.type | Peer reviewed | en_US |
| dc.type | Journal article | en_US |
| dc.description.version | publishedVersion | en_US |
| dc.rights.holder | © 2023 The Author(s) | en_US |
| dc.subject.nsi | VDP::Datateknologi: 551 | en_US |
| dc.subject.nsi | VDP::Computer technology: 551 | en_US |
| dc.source.pagenumber | 4839-4848 | en_US |
| dc.source.journal | Proceedings of the 56th Hawaii International Conference on System Sciences | en_US |
| dc.identifier.cristin | 2110239 |
Tilhørende fil(er)
Denne innførselen finnes i følgende samling(er)
Med mindre annet er angitt, så er denne innførselen lisensiert som Attribution-NonCommercial-NoDerivatives 4.0 Internasjonal