The ISO/IEC 27001 information security management standard: literature review and theory-based research agenda

Purpose \u2013 After 15 years of research, this paper aims to present a review of the academic literature on the ISO/ IEC 27001, the most renowned standard for information security and the third most widespread ISO certification. Emerging issues are reframed through the lenses of social systems thinking, deriving a theorybased research agenda to inspire interdisciplinary studies in the field. Design/methodology/approach \u2013 The study is structured as a systematic literature review. Findings \u2013 Research themes and sub-themes are identified on five broad research foci: relation with other standards, motivations, issues in the implementation, possible outcomes and contextual factors. Originality/value \u2013The study presents a structured overview of the academic body of knowledge on ISO/IEC 27001, providing solid foundations for future research on the topic. A set of research opportunities is outlined, with the aim to inspire future interdisciplinary studies at the crossroad between information security and quality management. Managers interested in the implementation of the standard and policymakers can find an overview of academic knowledge useful to inform their decisions related to implementation and regulatory activities

Manufacturing internationalization: from distance to proximity? A longitudinal analysis of offshoring choices

Purpose – This paper aims to offer a long-term systematic picture of the evolution of manufacturing offshoring (in terms of intensity, geography and drivers) highlighting the changes in the surrounding context and the resulting transitions points (“points in time”) that have shaped its development path. Design/methodology/approach – Three statistical tools were adopted on a dataset of 644 cases. First, the authors resorted to multiple structural change tests to identify the transition points. Second, the authors explored offshoring geography by conducting a network analysis. Finally, the authors adopted gravity models to shed light on offshoring drivers. Findings – Results highlight three offshoring phases: expansion (2002–2006), reconsideration (2007–2009) and rationalization (2010 onwards). During the first phase, characterized by economic growth, firms were mainly interested in economic savings; offshoring to low-cost countries was the prevailing location strategy. Subsequently, during the economic crisis, the number of cases declined and the main drivers became marketbased factors together with the research for cost savings. Finally, in the third phase, when the economy was still stagnating and new manufacturing technologies appeared, the number of offshoring cases has further decreased, and technological- and market-based factors have become the main location drivers. Originality/value – The study is the first to adopt a systematic, empirical and quantitative approach to analyze the evolution of the manufacturing offshoring considering both the phenomenon itself and the triggering changes in the surrounding context. In doing this, the authors also tested the importance of considering the point in time in offshoring strategies

Performance implications of ISO/IEC 27001 certification.

The purpose of this paper is to explore the operational impact of the adoption of the most renowned norm in the field of information security: ISO/IEC 27001. We develop six research hypotheses; three of them related to firm’s operating performance and three which shed light on the moderating role of some contextual factors. The results indicate that the ISO/IEC 27001 certification improves the profitability and the labor productivity of the adopting firms while no effect is recorded on sales performance. The impact appears affected by the munificence of the industry and the level of internationalization of the firm