Abstract
This thesis research evaluates the extent to which IT decision makers consider security concerns and requirements while performing technology acquisition in small-to-medium sized organizations. The research sought to understand what factors influence decision maker attitudes on the role of security during acquisition and how these attitudes and decision strategies affect security throughout the system lifecycle. Through an interview based study, with fifteen IT decision makers from small-to-medium sized organizations, decision maker attitudes and organizational practices were evaluated. The findings suggest that security is not often considered during the acquisition process and is not a crucial element of acquisition decision and selections strategies for a majority of the sample. There is, however, a significant relationship between acquisition and security throughout the system lifecycle and the findings further suggest that end-user consideration and involvement are crucial elements for both acquisition and security.
Library of Congress Subject Headings
Information technology--Management; Information technology--Evaluation; Computer networks--Security measures; Computer security
Publication Date
2010
Document Type
Thesis
Advisor
Pan, Yin
Advisor/Committee Member
Rantanen, Esa
Advisor/Committee Member
Baroody, James
Recommended Citation
Goldman, Eric, "Securing the IT acquisition security chain: Security concerns and human factors in IT acquisition" (2010). Thesis. Rochester Institute of Technology. Accessed from
https://repository.rit.edu/theses/621
Campus
RIT – Main Campus
Comments
Note: imported from RIT’s Digital Media Library running on DSpace to RIT Scholar Works in December 2013.