Toward a Unified Framework for Information Systems Certification Internalization

Information systems (IS) certifications are often deemed as an effective way to address contemporary challenges in the IS domain, such as ensuring data protection and making artificial intelligence more trustworthy. However, IS certifications are only effective if organizations thoroughly internalize them. Internalization refers to the process of absorbing information underlying a certification (e.g., best practices and third-party feedback) into the organization and translating it into knowledge, procedures, and technical capabilities. Yet, research on the process of certification internalization is scattered and lacks an established framework. For this study, we conducted a descriptive literature review and synthesized existing research into a unified framework summarizing the certification internalization process. Our framework characterizes internalization as an iterative and continuous process comprising thirteen activities across five phases: initiation, preparation, assessment, implementation, and evaluation. This study contributes to a better understanding of certification internalization and can help to ensure certification effectiveness in practice. As the majority of certification internalization research is rooted in the management discipline, future research is needed to account for the specifics of IS in the certification internalization process.