<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 12 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:770315068;
mso-list-type:hybrid;
mso-list-template-ids:266129404 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l1
{mso-list-id:913511916;
mso-list-type:hybrid;
mso-list-template-ids:1563457296 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal>Call for Papers (CFP):<o:p></o:p></p><p class=MsoNormal>17th Americas Conference on Information Systems (AMCIS) <o:p></o:p></p><p class=MsoNormal>August 4-7, 2011, Detroit, MI, USA<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Track: Human Computer Interaction <o:p></o:p></p><p class=MsoNormal><b>Mini-Track: Design Considerations for IT Security and Privacy Management <o:p></o:p></b></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>CFP online version: <a href="http://pal.ist.psu.edu/11HCIMT.pdf">http://pal.ist.psu.edu/11HCIMT.pdf</a><o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><b>DESCRIPTION:<o:p></o:p></b></p><p class=MsoNormal>The importance of security and privacy management has increased as witnessed by the increasing number of security and privacy breach incidents that organizations have encountered within the last few years. For instance, the website privacyrights.org details nearly two thousand data breaches made public since 2005 that have compromised over a half million personal records. Security and privacy management is especially challenging in that users vary widely in level of motivation, knowledge, and perceptions of threat severity. The decentralized computing environment in which end users exercise some degree of autonomous control over IT resources further complicates security management efforts. To address these complex issues, we solicit research papers on the design and usability of tools and technologies employed for all types of IT security management tasks, including those utilized by both end users and IT administrators. <o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>A fully functional IT environment requires a consolidated and convincing set of privacy and security safeguards in place at various levels: system, user, organizational, and sector. Therefore, design-based research efforts are expected to bring system requirement, user controllable privacy and security, organizational compliance, and legal requirements into better alignment. This mini-track provides a forum for focused discussion and exchange on design considerations for IT security and privacy management. We welcome research papers that explore interesting questions related to the design and usability aspects of IS security and privacy, such as: <o:p></o:p></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l1 level1 lfo1'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>How should organizations design and implement tools and procedures that help IT professionals, business leaders, and policy makers bring system requirements, business strategies, and policies into better alignment? <o:p></o:p></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l1 level1 lfo1'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>How should firms design and implement tools and practices for detection, reporting, investigation of, and recovery from security incidents? <o:p></o:p></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l1 level1 lfo1'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>What is unique about privacy and security management and why should the AIS-SIGHCI community care? <o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><b>POTENTIAL TOPICS:<o:p></o:p></b></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo2'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>Example topics of interest include, but are not limited to, the following:<o:p></o:p></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo2'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>Design and usability evaluations of privacy and security enhancing features<o:p></o:p></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo2'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>User mental models and behavioral dynamics<o:p></o:p></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo2'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>Tools or applications that support security and privacy assurance <o:p></o:p></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo2'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>Designs to improve IS security and IT policy compliance<o:p></o:p></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo2'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>User interface design for security tools <o:p></o:p></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo2'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>Deployment, integration, modification, and maintenance of organizational security solutions <o:p></o:p></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo2'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>Design of organizational security controls and procedures <o:p></o:p></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo2'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>Information visualization for security analysis<o:p></o:p></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo2'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>Integration of security tools with organizational security policies and procedures<o:p></o:p></p><p class=MsoListParagraph style='text-indent:-.25in;mso-list:l0 level1 lfo2'><![if !supportLists]><span style='font-family:Symbol'><span style='mso-list:Ignore'>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><![endif]>Design of user security and privacy awareness and training modules<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>We refer potential authors to papers in recent <i>MIS Quarterly</i> and <i>European Journal of Information Systems</i> special issues on information security (e.g., Abbasi et al. 2010; Zhang et al. 2009) and the proceedings of <i>IFIP Working Group 8.11/11.13 Dewald Roode Information Security Workshop</i> for potential ideas. However, the range of acceptable topics and methodological approaches is by no means limited to these studies. <o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><b>REFERENCES:<o:p></o:p></b></p><p class=MsoNormal>Abbasi, A., Zhang, Z., Zimbra, D., and Chen, H. (2010). Detecting Fake Websites: The Contribution of Statistical Learning Theory. MIS Quarterly 34(3), pp. 435-461.<o:p></o:p></p><p class=MsoNormal>Zhang, J., Luo, X., Akkaladevi, S., and Ziegelmayer, J. (2009). Improving Multiple-Password Recall: An Empirical Study. European Journal of Information Systems 18(2), pp. 165-176.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><b>SUBMISSION SITE:<o:p></o:p></b></p><p class=MsoNormal><a href="http://mc.manuscriptcentral.com/amcis2011">http://mc.manuscriptcentral.com/amcis2011</a><o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><b>IMPORTANT DATES:<o:p></o:p></b></p><p class=MsoNormal>Deadline for paper submissions: February 17, 2011<o:p></o:p></p><p class=MsoNormal>Notification of Acceptance: March 24, 2011<o:p></o:p></p><p class=MsoNormal>Final Paper Due: April 21, 2011<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><b>CHAIRS CONTACT INFORMATION:<o:p></o:p></b></p><p class=MsoNormal>Heng Xu<o:p></o:p></p><p class=MsoNormal>Assistant Professor<o:p></o:p></p><p class=MsoNormal>College of Information Sciences and Technology,<o:p></o:p></p><p class=MsoNormal>The Pennsylvania State University, University Park,<o:p></o:p></p><p class=MsoNormal>Phone: (814) 867-0469<o:p></o:p></p><p class=MsoNormal>Email: <a href="mailto:hxu@ist.psu.edu">hxu@ist.psu.edu</a><o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>John D’Arcy<o:p></o:p></p><p class=MsoNormal>Assistant Professor<o:p></o:p></p><p class=MsoNormal>Department of Management,<o:p></o:p></p><p class=MsoNormal>Mendoza College of Business,<o:p></o:p></p><p class=MsoNormal>University of Notre Dame,<o:p></o:p></p><p class=MsoNormal>Phone: (574) 631-1735<o:p></o:p></p><p class=MsoNormal>Email: <a href="mailto:jdarcy1@nd.edu">jdarcy1@nd.edu</a><o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p><table class=MsoNormalTable border=0 cellpadding=0 width=500 style='width:375.0pt'><tr><td valign=top style='padding:.75pt 11.25pt .75pt .75pt'></td><td style='padding:.75pt .75pt .75pt .75pt'></td></tr><tr><td colspan=2 style='padding:.75pt .75pt .75pt 131.25pt'></td></tr></table><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p></div></body></html>