PurposeTo identify organizations’ information security issues and explore dynamic, organizational culture and contingency theories to develop an implementable framework for information security systems in Human Service Organizations, based soundly in theory and practice.Design/methodology/approachCritical review of global information security management issues for Human Service Organizations and relevant multi-disciplinary organizational theories to address them.FindingsEffective information security management can be particularly challenging to Human Service Organizations due to their use of volunteer staff in a borderless electronic environment. Organizations’ lack of recognition of the need for staff awareness of information security threats and for training in secure work practices, particularly in terms of maintaining clients’ privacy and confidentiality, is a major issue. Dynamic Theory of Organizational Knowledge Creation, Organizational Culture Theory and Contingency Theory were identified as the most suitable theoretical perspectives to address this issue and underpin an effective information security management framework for Human Service Organizations.Research limitations/implicationsThe theory-based framework presented here has not been tested in practice. Such testing will be carried out in further research.Originality/valueCurrently, there is no framework for information security systems in Human Service Organizations. The framework developed here provides a foundation on which Human Service Organizations can build information security systems specific to their needs.
Journal of Information, Communication and Ethics in Society – Emerald Publishing
Published: Aug 8, 2016