[AISWorld] 2nd CfP: AMCIS Minitrack on Design Considerations for IT Security and Privacy Management

John D'Arcy jdarcy1 at nd.edu
Thu Jan 27 15:04:59 EST 2011 

Call for Papers (CFP):
17th Americas Conference on Information Systems (AMCIS)
August 4-7, 2011, Detroit, MI, USA

Track: Human Computer Interaction
Mini-Track: Design Considerations for IT Security and Privacy Management

CFP online version: http://pal.ist.psu.edu/11HCIMT.pdf

DESCRIPTION:
The importance of security and privacy management has increased as witnessed by the increasing number of security and privacy breach incidents that organizations have encountered within the last few years. For instance, the website privacyrights.org details nearly two thousand data breaches made public since 2005 that have compromised over a half million personal records. Security and privacy management is especially challenging in that users vary widely in level of motivation, knowledge, and perceptions of threat severity. The decentralized computing environment in which end users exercise some degree of autonomous control over IT resources further complicates security management efforts. To address these complex issues, we solicit research papers on the design and usability of tools and technologies employed for all types of IT security management tasks, including those utilized by both end users and IT administrators.

A fully functional IT environment requires a consolidated and convincing set of privacy and security safeguards in place at various levels: system, user, organizational, and sector. Therefore, design-based research efforts are expected to bring system requirement, user controllable privacy and security, organizational compliance, and legal requirements into better alignment. This mini-track provides a forum for focused discussion and exchange on design considerations for IT security and privacy management. We welcome research papers that explore interesting questions related to the design and usability aspects of IS security and privacy, such as:

*         How should organizations design and implement tools and procedures that help IT professionals, business leaders, and policy makers bring system requirements, business strategies, and policies into better alignment?

*         How should firms design and implement tools and practices for detection, reporting, investigation of, and recovery from security incidents?

*         What is unique about privacy and security management and why should the AIS-SIGHCI community care?

POTENTIAL TOPICS:

*         Example topics of interest include, but are not limited to, the following:

*         Design and usability evaluations of privacy and security enhancing features

*         User mental models and behavioral dynamics

*         Tools or applications that support security and privacy assurance

*         Designs to improve IS security and IT policy compliance

*         User interface design for security tools

*         Deployment, integration, modification, and maintenance of organizational security solutions

*         Design of organizational security controls and procedures

*         Information visualization for security analysis

*         Integration of security tools with organizational security policies and procedures

*         Design of user security and privacy awareness and training modules

We refer potential authors to papers in recent MIS Quarterly and European Journal of Information Systems special issues on information security (e.g., Abbasi et al. 2010; Zhang et al. 2009) and the proceedings of IFIP Working Group 8.11/11.13 Dewald Roode Information Security Workshop for potential ideas. However, the range of acceptable topics and methodological approaches is by no means limited to these studies.

REFERENCES:
Abbasi, A., Zhang, Z., Zimbra, D., and Chen, H. (2010). Detecting Fake Websites: The Contribution of Statistical Learning Theory. MIS Quarterly 34(3), pp. 435-461.
Zhang, J., Luo, X., Akkaladevi, S., and Ziegelmayer, J. (2009). Improving Multiple-Password Recall: An Empirical Study. European Journal of Information Systems 18(2), pp. 165-176.

SUBMISSION SITE:
http://mc.manuscriptcentral.com/amcis2011

IMPORTANT DATES:
Deadline for paper submissions: February 17, 2011
Notification of Acceptance: March 24, 2011
Final Paper Due: April 21, 2011

CHAIRS CONTACT INFORMATION:
Heng Xu
Assistant Professor
College of Information Sciences and Technology,
The Pennsylvania State University, University Park,
Phone: (814) 867-0469
Email: hxu at ist.psu.edu<mailto:hxu at ist.psu.edu>

John D'Arcy
Assistant Professor
Department of Management,
Mendoza College of Business,
University of Notre Dame,
Phone: (574) 631-1735
Email: jdarcy1 at nd.edu<mailto:jdarcy1 at nd.edu>






-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.aisnet.org/pipermail/aisworld_lists.aisnet.org/attachments/20110127/053dcdf5/attachment.html>

More information about the AISWorld mailing list