The Repository @ St. Cloud State

Open Access Knowledge and Scholarship

Date of Award


Culminating Project Type

Starred Paper

Degree Name

Information Assurance: M.S.


Information Assurance and Information Systems


Herberger School of Business

First Advisor

Abu Hussein, Abdullah

Second Advisor

Lynn, Collen

Third Advisor

Kasi, Balasubramanian

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.

Keywords and Subject Headings

Insufficient due diligence, lack of due diligence


Organizations face the rapid and constant evolution of technology and must adapt quickly to that fast pace changing environment. It is in that perspective that companies dive into adopting a new technology without a proper investigation on how the technology works or without knowing if they have the adequate resources to use it; thus, underestimating possible security threats. One of the most common threats related to organization rushing into acquiring a new technology is insufficient due diligence. Insufficient due diligence is the lack of proper measures taken to ensure the credibility of the technology provider. Insufficient due diligence happens when organizations try to move too quickly to the adopt technology without thoroughly understanding it. Organizations rushing in the decision making of which technology to choose, skip some important steps such as conducting a proper evaluation of the technology they want to adopt, which cause security threats. This is a problem mainly because of lack of research on the subject, ignorance and lack of attention to details. This starred paper will present the state of art of insufficient due diligence when adopting technology, its root causes, and the different aspect of the problem and propose recommendation to improve security in organizations. This work aims to raise the security bar for organizations adopting technology and improve security.