Date of Award

Spring 2018

Document Type


Degree Name

PhD in Business


Department of Information and Process Management

First Advisor

Janis L. Gogan

Second Advisor

W. Alec Cram

Third Advisor

John D'Arcy


This dissertation investigates managerial and strategic aspects of InfoSec incident preparation and response. This dissertation is presented in four chapters:

Chapter 1: an introduction

Chapter 2: a systematic literature review

Chapter 3: two field-based case studies of InfoSec incident response processes

Chapter 4: a repertory grid study identifying characteristics of effective individual incident responders.

Together these chapters demonstrate that the lenses of the Resource Based View, Theory of Complementary Resources, and Accounting Control Theory, can be combined to classify and analyze the resources organizations use during incident response. I find that incident response is maturing as a discipline and organizations rely on both defined procedures and improvisation when incidents occur. Most importantly there is no “one size fits all” approach to incident response. Incident responder characteristics include general skills (good communicators and problem solvers) and character attributes (such as an interest in “doing the right thing”).The combination of characteristics that make an individual successful in a particular incident response role is affected by other resources available to support InfoSec incident response.