IT Certifications – Trustworthy or Yet Another Form of Greenwashing?

  • Background

    We meet certifications every day in our lives. Our food is certified as bio, fair, and sustainable. Our electronics are CE certified. Our skills are certified by academic degrees. As in our daily lives, certifications are also used extensively in business and IT. In this context, certifications promise information security, data protection, or business integrity.

    Thereby, certifications serve two roles. On the one hand, companies can learn from certification best practices to improve their operations. On the other hand, companies can use certifications as a third-party signal to attract customers.

    However, just as companies have different motivations for becoming certified, they are also affected differently by the certification. Even if two companies are both certified, the outcomes of that certification can be vastly different. While one company may have improved its security, the other may have just spent considerable resources on a misleading label for its website.

    For certifications to remain effective, we must understand what leads to these different outcomes. Current research shows that the crucial factor is variations in the implementation process. Therefore, understanding the implementation process determines whether IT certifications have an actual impact or are just another greenwashing label.



    Possible topics include, but are not limited to:

    • Review of management and organization science literature regarding theories for organizational change
    • Case study accompanying a certification implementation


    Starting Literature

    • Greulich, Malte; Lins, Sebastian; Sunyaev, Ali (2020): Toward Uncovering Patterns of Certification Internalization. In Proceedings of the 41st International Conference on Information Systems (ICIS 2020), Virtual Conference.
    • Yin, Haitao; Schmeidler, Peter J. (2009): Why do standardized ISO 14001 environmental management systems lead to heterogeneous environmental outcomes? In Business Strategy and the Environment 18 (7), pp. 469-486. DOI: 10.1002/bse.629.
    • Boiral, Olivier (2003): ISO 9000: Outside the Iron Cage. In Organization Science 14 (6), pp. 720-737. DOI: 10.1287/orsc.14.6.720.24873.