A Model for the Adoption Process of Information System Security Innovations in Organisations: A Theoretical Perspective
This work addresses the challenge of improving security adoption processes for organizations, but it is incremental as it builds on established theories without introducing new empirical data or methods.
The paper tackles the problem of understanding how organizations adopt information system security innovations by developing a theoretical model that integrates multiple existing theories, resulting in a more comprehensive framework compared to past representations.
In this paper, we develop a theoretical model for the adoption process of Information System Security innovations in organisations. The model stemmed from the Diffusion of Innovation theory (DOI), the Technology Acceptance Model (TAM), the Theory of Planned Behaviour (TPB) and the Technology-Organisation-Environment (TOE) framework. The model portrays Information System Security adoption process progressing in a sequence of stages. The study considers the adoption process from the initiation stage until the acquisition of innovation as an organisational level judgement while the process of innovation assimilation and integration is assessed in terms of the user behaviour within the organisation. The model also introduces several factors that influence the Information System Security innovation adoption. By merging the organisational adoption and user acceptance of innovation in a single depiction, this research contributes to IS security literature a more comprehensive model for IS security adoption in organisation, compare to any of the past representations.