Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Exploring the adoption of the international information security management system standard ISO/IEC 27001: A web mining-based analysis

: Mirtsch, Mona; Kinne, Jan; Blind, Knut

Volltext urn:nbn:de:0011-n-5895697 (2.3 MByte PDF)
MD5 Fingerprint: fe81366f7176a818f5d2dbe7cbfd4c13
(CC) by
Erstellt am: 13.5.2020

IEEE transactions on engineering management : EM 68 (2021), Nr.1, S.87-100
ISSN: 0018-9391
ISSN: 1558-0040
European Commission EC
H2020; 770420; EURITO
EU Relevant, Inclusive, Timely, Trusted, and Open Research Innovation Indicators
Zeitschriftenaufsatz, Elektronische Publikation
Fraunhofer ISI ()
adoption; information security; management system standards; standards; web mining

In the light of digitalization and recent EU policy initiatives, information is an important asset that organizations of all sizes and from all sectors should secure. However, in order to provide common requirements for the implementation of an information security management system, the internationally well-accepted ISO/IEC 27001 standard has not shown the expected growth rate since its publication more than a decade ago. In this article, we apply web mining to explore the adoption of ISO/IEC 27001 through a series of 2664 out of more than 900 000 German firms from the Mannheim Enterprise Panel dataset that refers to this standard on their websites. As a result, we present a ‘‘landscape’’ of ISO/IEC 27001 in Germany, which shows that firms not only seek certifications themselves but often refer on their websites to partners who are certified instead. Consequently, we estimate a probit model and find that larger and more innovative firms are more likely to be certified to ISO/IEC 27001 and that almost half of all certified firms belong to the information and communications technology (ICT) service sector. Based on our findings, we derive implications for policy makers and management and critically assess the suitability of web mining to explore the adoption of management system standards.