[AISWorld] CFP: AMCIS 2012 Mini-Track: Design Considerations for IT Security and Privacy Management

John D'Arcy jdarcy1 at nd.edu
Tue Dec 13 12:52:08 EST 2011 

Call for Papers
18th Americas Conference on Information Systems (AMCIS) 
August 9-12, 2012, Seattle, WA, USA

Track: INFORMATION SYSTEMS SECURITY, ASSURANCE, AND PRIVACY

Mini Track: DESIGN CONSIDERATIONS FOR IT SECURITY AND PRIVACY MANAGEMENT

The importance of security and privacy management has increased as witnessed by the growing number of security and privacy breach incidents that organizations have encountered within the last few years. For instance, the website privacyrights.org details nearly three thousand data breaches made public since 2005 that have compromised over a half billion personal records. Security and privacy management is especially challenging in that users vary widely in level of motivation, knowledge, and perceptions of threat severity. The decentralized computing environment in which end users exercise some degree of autonomous control over IT resources further complicates security management efforts. To address these complex issues, we solicit research papers on the design and usability of tools and technologies employed for all types of IT security management tasks, including those utilized by both end users and IT administrators. 

A fully functional IT environment requires a consolidated and convincing set of privacy and security safeguards in place at various levels: system, user, organizational, and sector. Therefore, design-based research efforts are expected to bring system requirement, user controllable privacy and security, organizational compliance, and legal requirements into better alignment. This mini-track provides a forum for focused discussion and exchange on design considerations for IT security and privacy management. We welcome research papers that explore interesting questions related to the design aspects of IS security and privacy issues, such as: 

How should organizations design and implement tools and procedures that help IT professionals, business leaders and policy makers bring system requirements,  business strategies, and policies into better alignment? 
 
How should firms design and implement tools and practices for detection, reporting, investigation of, and recovery from security incidents? 

We refer potential authors to recent MIS Quarterly (Volume 34, Issue 3) and European Journal of Information Systems (Volume 18, Issue 2) special issues on information security and the proceedings of the Symposium on Usable Privacy and Security (SOUPS) for potential ideas. However, the range of acceptable topics and methodological approaches is by no means limited to these studies. 

Example topics of interest include, but are not limited to, the following:

·       Design and usability evaluations of privacy and security enhancing features

·       User mental models and behavioral dynamics

·       Tools or applications that support security and privacy assurance 

·       Designs to improve IS security and IT policy compliance

·       User interface design for security tools 

·       Deployment, integration, modification, and maintenance of organizational security solutions
 
·       Design of organizational security controls and procedures 

·       Information visualization for security analysis

·       Integration of security tools with organizational security policies and procedures

·       Design of user security and privacy awareness and training modules

Submission Procedures: http://mc.manuscriptcentral.com/amcis2012

Important Dates

• January 2, 2012: Manuscript Central will start accepting paper submissions
• March 1, 2012: (11:59 PM Pacific time zone): Deadline for paper submissions
• April 2, 20012: Authors will be notified of acceptances on or about this date
• April 20, 2012: (11:59 PM Pacific time zone): For accepted papers, camera ready copy due

Mini-track Chairs:

Heng Xu
Assistant Professor
College of Information Sciences and Technology
The Pennsylvania State University
Phone: (814) 867-0469
Email: hxu at ist.psu.edu

John D’Arcy
Assistant Professor
Department of Management
Mendoza College of Business
University of Notre Dame
Phone: (574) 631-1735
Email: jdarcy1 at nd.edu

More information about the AISWorld mailing list