The current issue and full text archive of this journal is available at www.emeraldinsight.com/0960-0035.

htm

Why all the changes?

An institutional theory approach to exploring the drivers of supply chain security (SCS)
Zachary Williams
Department of Marketing and HSA, Central Michigan University, Mount Pleasant, Michigan, USA

Institutional theory approach

595

Jason E. Lueg and Ronald D. Taylor

Department of Marketing, Quantitative Analysis, and Business Law, College of Business and Industry, Mississippi State University, Mississippi State, Mississippi, USA, and

Robert L. Cook
Department of Marketing and HSA, Central Michigan University, Mount Pleasant, Michigan, USA
Abstract
Purpose The events of September 11, 2001 heightened the awareness of supply chain professionals to the threat of man-made disasters on the security of supply chains. According to institutional theory, the environment in which an organization operates creates pressures (normative, coercive, and mimetic) to adopt institutionalized norms and practices in order to be perceived as legitimate. Using an institutional theory perspective, this paper identies and explores the environmental drivers that motivate rms to engage in supply chain security (SCS) practices to thwart man-made supply chain disasters. Design/methodology/approach Qualitative research in the form of 19 depth interviews with mid-to-high level supply chain management professionals is conducted. Findings The ndings of the qualitative research indicate that four primary drivers of SCS exist: government, customers, competitors, and society. Implications and suggestions for future research are provided. Research limitations/implications The qualitative ndings call for future empirical testing. Practical implications Practitioners will benet from the research presented here by better understanding what environmental factors are causing improved security measures in the supply chain. Originality/value This paper investigates drivers of SCS, an issue that is currently having an impact on supply chain operations worldwide. This is the rst SCS study to investigate the reason behind why supply chains are implementing security strategies. Keywords Supply chain management, Organizational analysis, Man-made disasters, United States of America Paper type Research paper

Introduction In the aftermath of the terrorist attacks of September 11, 2001 (9/11 hereafter), the way that organizations conduct business activities both within and between themselves was altered as public and private entities began creating new requirements for business operations. Specically, the way rms share and physically distribute goods became a key area of interest to ensure the security of supply chain partners and

International Journal of Physical Distribution & Logistics Management Vol. 39 No. 7, 2009 pp. 595-618 q Emerald Group Publishing Limited 0960-0035 DOI 10.1108/09600030910996279

IJPDLM 39,7

596

ultimately, society in general. Furthermore, the Department of Homeland Security (DHS) announced that securing the supply chain is part of the overall strategy for national security (Wilson, 2005), thus placing additional expectations on organizations. Collectively, the activities that protect supply chains from damage, terrorism, and contraband have become known as supply chain security (SCS). Prior to 9/11, SCS focused primarily on issues like smuggling, stowaways, and theft (Thibault et al., 2006) as opposed to preventing terrorist contraband from entering the supply chain. The change in focus has had a large impact on how organizations manage and approach logistics and supply chain operations. This has resulted in private organizations and public entities working together to prevent man-made supply chain disasters and to ensure the efcient ow of goods and the protection of citizens. In fact, in a survey of global shippers, it was found that security related issues are responsible for applying the most pressure on global supply chains (Shawdon, 2006). As a result, research suggests that supply chain executives are worrying more about security than ever before (Spekman and Davis, 2004) and many are indicating that security is their most dire concern (Wilson, 2005). Institutional theory suggests that organizations are social systems (Scott, 2001) and is used as a theoretical framework to explain why organizations adopt practices, policies, and procedures (Meyer and Rowan, 1977; DiMaggio and Powell, 1983), what they should look like, how they should behave (Powell and DiMaggio, 1991; Scott, 1995; Hatch, 1997), and their actions in response to environmental pressure (Hoffman, 1997; Scott, 2001; Grewal and Dharwadkar, 2002). Institutional theory can be used to answer questions concerning the role of institutional inuence on social choices (Powell and DiMaggio, 1991). From a SCS perspective, institutional theory can help explain why organizations are motivated (driven) to adopt SCS practices. Using institutional theory to investigate organizational phenomena within a supply chain (McFarland et al., 2008) and as an explanatory theory of SCS (Zsidisin et al., 2005; Venus Lun et al., 2008) is consistent with previous research. Thus, the objective of this study is to use institutional theory to understand what drives organizations to engage in SCS practices. The need to explore and understand the drivers behind organizational behavior is consistent with existing supply chain and logistics research (Carter and Ellram, 1998; Lambert et al., 2004; Golicic and Mentzer, 2005; Karkkainen et al., 2005; Peck, 2005; Lau and Zhang, 2006; Shunk et al., 2007). To achieve this objective this study is presented as follows. First, reviews of relevant literature on institutional theory and SCS are presented. Next, the method and results from a qualitative study consisting of 17 depth-interviews with supply chain executives is presented. Then, implications of the research ndings along with future research directions are discussed. This studys contributions include: . responding to the call for research on strategic issues related to SCS (Tang, 2006); . responding to the call for research into external persuasions on organizational adoption of SCS initiatives (Haughton, 2007); . helping to understand why organizations partake in security practices; and . helping to understand why and what managerial practices are taking place in the wake of increased global terrorism (Czinkota et al., 2005).

Institutional theory Organizations are not only production systems; but they are also social and cultural systems (Scott, 2001). Owing to their social and cultural characteristics, rms have the desire and need to adopt and adhere to rules and practices as created by the external environment (Meyer and Rowan, 1977; DiMaggio and Powell, 1983) that are beyond the control of the rm (Hoffman, 1997). Thus, external environmental demands can induce organizations to adopt roles in society and create appearances (Hatch, 1997) which may not be the original intent of the organization. As a result, organizational choices and actions are constrained and inuenced by social behaviors, norms, and values in their external environment (Selznick, 1957). As such, institutional theory is used by researchers to understand how environmental pressures impact managerial actions and shape individual organizational structures and actions (Goodstein, 1994; Greening and Gray, 1994). The main thrust of institutional theory is that organizations operate in a social network whereby organizational practices are caused by and inuenced through social rules and rules of thumb (Ingram and Simons, 1995) and that a social reality is created and dened by the environment in which an organization operates. This reality is created by the values and norms accepted in a particular environment (Scott, 1987). As a result, the social reality becomes the guideline for social behavior (Scott, 2005). That is, the standards (norms, values, and activities) that the external environment has adopted become institutionalized. Thus, something becomes institutionalized when it is well approved and commonly accepted by other organizations in the environment without question (Selznick, 1957; Zucker, 1977; Tolbert and Zucker, 1996). Further, the external environment will create pressure for other organizations to accept the institutionalized rules, norms, and beliefs that describe reality for the organization, explaining what is and what is not, what can be acted upon and what cannot, (Hoffman, 1999, p. 351). However, organizations can also fail to adopt institutionalized activities. If this is the case, organizations are vulnerable to scrutiny of being negligent, irrational, or unnecessary (Maier, 2005). The adoption of institutionalized norms, values, and behaviors is also known as the search for legitimacy in the environment (Zucker, 1987). Legitimacy is dened as a perception that the actions of an entity are desirable, proper, or appropriate within some socially constructed system of norms, values, beliefs, and denitions (Suchman, 1995, p. 574). This indicates that legitimacy is the belief that certain behaviors or practices are something that everyone in the environment should do. The process of becoming legitimate is the result of an organization conforming to pressures in the external environment (DiMaggio and Powell, 1983). Legitimacy is important for organizations as it creates the perception of credibility, persistence, and meaningfulness within the environment (DiMaggio and Powell, 1983; Meyer and Rowan, 1977) and may also increase their possibility of survival (Meyer and Rowan, 1977). The process by which organizations begin to adopt similarities and create a homogenous set of organizations is known as isomorphism (DiMaggio and Powell, 1983). Isomorphic actions are developed from the set of environmental standards which force organizations to mirror one another (Fennell and Alexander, 1987) and these actions lead organizations to become legitimized and accepted by society (DiMaggio and Powell, 1983). Scott (1998) suggests that by incorporating institutional rules within their own structure, organizations become more homogenous, more similar in

Institutional theory approach

597

IJPDLM 39,7

structure over time, (p. 213). Therefore, when organizations adopt the legitimized elements from the external environment, isomorphism is achieved and the likelihood of survival is often increased (Zucker, 1987). As a result, rms operating in an environment, who are deemed as legitimate, abide by similar norms, values, and rules. According to DiMaggio and Powell (1983), isomorphism is the result of three types of external pressure: coercive, mimetic, and normative. Coercive pressure Coercive pressure results from force, persuasions, and invitations to participate with other external environment members. Coercive institutional pressures often take the form of governmental regulations or laws. As a result, some rms are coerced into adopting these as they develop a fear of and try to avoid sanctions (Scott, 1995) and punishment (Grewal and Dharwadkar, 2002). For example, Jennings and Zandbergen (1995) cite the Environmental Protection Agency and The National Environmental Policy Act as sources of governmental legislation that have impacted organizational action. However, coercive pressure comes from others who have the ability to apply formal and informal pressure (Slack and Hinings, 1994) such as customers (Teo et al., 2003; Khalifa and Davison, 2006) and suppliers (Teo et al., 2003). For example, in adopting environmentally friendly practices and strategies, consumers can play a very important role in terms of what is expected of an organization (Darnell, 2006). As a result, customers create policies and procedures that they set forth and then apply pressure for exchange organizations to adopt these activities. Normative pressure Normative pressure comes from cultural expectations in which norms and standards of the operating environment are formed and which in turn guide decision-making (Khalifa and Davison, 2006). With normative pressures, organizational choices are inuenced by values and norms. Organizations conform because of moral and ethical obligation and it is what is expected of them (Scott, 1995). These pressures usually result in rules of thumb, education curriculum, standard operating procedures, and occupational standards (Hoffman, 1999). Normative pressures can come from a variety of sources. Normative institutions include educational organizations, trade associations, industry groups, interest groups, and public opinion (DiMaggio and Powell, 1983). These groups can create pressure for organizations to embrace accepted norms and behaviors (Selznick, 1984). However, society can also create normative pressure for organizations. Firms interacting with society can result in institutional behaviors that dictate corporate activities and strategies (Falkner, 2003). Mimetic pressure Mimetic pressure comes from the desire to look like other organizations by mimicking other organizations structures, practices, or outputs. In other words, organizations model themselves after organizations in their external environment that they see to be similar but also legitimate and successful (DiMaggio and Powell, 1983). Mimetic pressures are often the result of environmental uncertainty, ambiguity in the achievement of organizational goals, technological complexity, etc. When new or

598

problematic situations arise in the environment, organizations model themselves after other organizations that they believe are adequately managing their business to survive environmental conditions. Also, adopting practices that are deemed acceptable by the external environment may insulate the organization from criticism from competitors (King and Lennox, 2001). The organizations do not intentionally serve as models, rather they are viewed by other organizations as a convenient source (DiMaggio and Powell, 1983, p. 151) of information to reduce uncertainty. Furthermore, organizations that are viewed as innovators are often mimicked as other organizations seek to become legitimized. Environmentally friendly, green products and environmental marketing programs are all examples of mimetic pressures. Many of these programs have been implemented without studying impact, but rather are the result of competitive pressure ( Jennings and Zandbergen, 1995). Supply chain security Formally stated, SCS management is:
The application of policies, procedures, and technology to protect supply chain assets (product, facilities, equipment, information, and personnel) from theft, damage, or terrorism and to prevent the introduction or unauthorized contraband, people or weapons of mass destruction into the supply chain (Closs and McGarrell, 2004, p. 8).

Institutional theory approach

599

This denition of SCS focuses on security issues involving man-made factors: theft, damage, and terrorism and excludes natural disasters. Following the denition by Closs and McGarrell (2004), this study will likewise focus on security efforts to thwart a man-made supply chain disaster. According to the U.S. Department of Health and Human Services Web site (Health and Human Services Web site, 2008), man-made disasters include terrorism, bioterrorism, pandemics and diseases, chemical agents, and radiation emergencies. This focus is consistent with emerging research investigating the impact of terrorism on business practices (Czinkota and Knight, 2005; Czinkota et al., 2005; Steen et al., 2006). Just after the events of 9/11, the US Government prohibited air trafc and stopped border crossings, thereby preventing truck trafc to deliver parts needed to run just-in-time operations in automotive plants in Windsor, Canada (Shef, 2001). Thus, it became clear that supply chains were susceptible to being directly or indirectly affected by terrorism and might even be used to dispense tools of terrorism. Hence, the high visibility and negative publicity related to man-made disasters creates added pressure for organizations to avoid them and presents a special security need for organizations. As a result, these types of disasters represent a unique burden on organizations to engage in activities that decrease the likelihood of their direct involvement in them. Owing to supply chain complexities, SCS strategies can involve organizational relationships with other supply chain members, public entities (governmental and non-governmental agencies), and even competitors (Williams et al., 2008). First, SCS may be the result of efforts co-created between organizations and the upstream and downstream members (Rice and Spayd, 2005) and requires organizations to develop relationships with customers and suppliers (Rice and Caniato, 2003). This critical component of SCS entails more collaboration with customers and suppliers to create a secure supply chain capable of bouncing back

IJPDLM 39,7

600

quickly when a breach happens (Shef, 2005). However, this may be easier said than done as many rms are unaware of what their supply chain partners are doing in terms of security and continuity (Rittner et al., 2007). Security can be initiated as part of a supply chain strategy once an organization understands its relationships with suppliers (Rinehart et al., 2004). As a result, the rst step to creating a secure supply chain is to understand the various types of relationships with suppliers. Rinehart et al. (2004) present several types of supplier relationships which are founded on dimensions of trust, interaction frequency, and commitment. Once a rm identies which type of relationship it has with each supplier based on these dimensions, it can then focus on developing security with that supplier unique to the type of relationship that exists with each supplier. (For more on this topic, please see Rinehart et al. (2004). Second, another theme in SCS literature is the interaction between public and private agencies. Normative ndings suggest that organizations should be creating relationships with government agencies to become more secure (Rice and Caniato, 2003). Since 9/11, supply chain management (SCM) researchers have focused on governmental involvement in SCS and anti-terrorism policies and the resulting impact on domestic and international trade (Christopher and Peck, 2004). For instance, importing from Canada has changed due to updated security measures imposed by the US Government (Prokop, 2004). As such, governmental partnerships and working with customs and trade agencies are stressed as critical components of SCS. In this instance, relationships with government agencies may be as important as relationships with other supply chain members. Since 9/11, there have been several government initiatives designed to specically address SCS. The most prominent programs include Customs-Trade Partnership Against Terrorism (or C-TPAT; a government program designed to identify and verify supply chain partners and the security practices among them), Fast and Secure Trade (or FAST; a program designed to low risk drivers, carriers, and importers to expedite shipments between the USA and Canada) and the Container Security Initiative (or CSI; a program designed to allow the US Customs and Border Patrol to inspect high risk ocean containers prior to loading on vessels in foreign ports). Sheu et al. (2006) suggest that most organizations nd benet in C-TPAT certication and report-improved relationships with supply partners and increased security among international partners. This suggests that working together in a cooperative manner has benet for the public and private sectors. This idea is supported by Thibault et al. (2006) who found that a large benet to security initiatives has been the increased cooperative nature between the government and industry. Third, competitors sometimes serve as collaborators to ensure SCS. In some instances, rms that compete in the same market conduct horizontal collaboration for the sake of security (Shef, 2005). An example of this is found in India where a group of competing rms work together in an effort to ensure SCS while at the same time ensuring their own continued operations. The organizations import circuit board components to India, where government security efforts prohibit the supply to be released for a month or longer. As a result, competing rms work together and create coping mechanisms that are utilized to handle the customs clearance importation process. The coping mechanism involves sharing inventories with one another. In other words, they pool their risk and, as a whole, lower uncertainty, while at the same time working with the government to create and allow for secure supply chains (Sawhney and Sumukadas, 2005).

The previous literature review on SCS helps to illustrate that security issues have caused signicant modications to intra- and interorganizational business practices. However, the research conducted on SCS has been broad rather than in depth, and as such, SCS is still in its infancy. In fact, what initially motivates an organization to engage in SCS has not been explicitly investigated. Insight into the reasons (drivers) behind SCS decisions can be offered by the application of institutional theory. Method In order to apply institutional theory to develop an understanding of what drives an organization to engage in SCS (a phenomenon about which little is known), qualitative research was used (Strauss, 1990). Using qualitative research methods to investigate emerging issues in SCM is consistent with previous research (Golicic and Mentzer, 2005; Zsidisin et al., 2005; Shunk et al., 2007; Manuj and Mentzer, 2008). Further, recent research has called for more qualitative research in logistics and supply chain (Naslund, 2002). Interviewing, one type of qualitative research, is specically known for its richness and depth (Bailey, 1994). Thus, in order to determine what drives rms to undertake SCS, semi-structured interviews were conducted to gather primary data and gain a deeper knowledge of motivations behind SCS. These interviews followed a semi-structured interview guide. This guide is found in the Appendix. Owing to the exploratory nature of this study, the questions in the guide were very broad in scope in order to allow for respondents to speak in as much detail as they were willing. Keeping the discussion and questions very general was necessary given the sensitivity of the topic (security). An initial sample pool to interview was identied from graduates of a Midwestern University located in the USA which is known for its logistics program. A logistics honors society provided contact information for potential interviewees. From this list, appropriate potential respondents were identied as working in any realm of SCM, primarily based in the USA, and required to have manager, vice president, executive or something similar in their title (mid-to-high level managers). Individuals in such positions would typically have a greater understanding of an organizations SCS operations. In total, 78 potential interviewees were contacted, resulting in 17 completed interviews. The nal sample was diverse across several variables, including supply chain function, industry, position within the organization, and job tenure. This was intentional as the purpose of the qualitative research was to gain a broad perspective of SCS. Further, each respondent was currently working in the USA and all but four respondents represented organizations that had global operations. More information about the sample is presented in Table I. Interviews began with introductions, backgrounds, description of the research, and condentiality agreements. This was done to build rapport with the respondent (Strauss and Corbin, 1998). Given the ambiguity of the phenomenon, a denition was provided to each person: Formally stated, SCS management is:
The application of policies, procedures, and technology to protect supply chain assets (product, facilities, equipment, information, and personnel) from theft, damage, or terrorism and to prevent the introduction or unauthorized contraband, people or weapons of mass destruction into the supply chain (Closs and McGarrell, 2004, p. 8).

Institutional theory approach

601

Interviews lasted between 30 and 75 minutes and were recorded and transcribed for analysis.

IJPDLM 39,7

Respondent industry Industrial component manufacturing High tech/software manufacturing

Number of respondents 2 4

Respondent job title (s) Materials Manager Production Control Manager Senior Sourcing Manager Procurement and Supply Chain Manager Program Manager, Supply Chain Operations Vice President of New Product Development Vice President of Security CEO, Logistics Information Firm Director of Account Management Manager of Supply Chain Business Development CEO, 3PL CEO, Supply Chain Consulting Firm Senior Manager Senior Project Manager Logistics Manager Senior Transportation Manager

602

Transportation/logistics services/consulting

Table I. Description of semi-structured interview respondents

Building and construction Consumer package goods

1 2

The data gathered from the interviews was then content analyzed to identify emergent themes. This included developing reasons that organizations feel pressure to adopt practices in SCS. A priori expectations existed from the pressures presented in institutional theory: coercive, normative, and mimetic. These pressure categories were taken into consideration while reviewing the transcribed interviews. Two independent judges read through the rst six respondents answers and sorted them into categories. From this four broad and distinct categories were established and agreed upon by the judges (competitors, customers, society, and government). The judges then independently placed quotes from the respondents into these established categories. Finally, the judges met to discuss and resolve any categorical discrepancies. Redundancy (no new information is revealed; the same themes are discussed by each respondent), which is more important than the number of interviews conducted (McCracken, 1988), was reached after 13 interviews. This is similar to other qualitative research in SCM (Lambert et al., 2004). However, four additional interviews were conducted to ensure saturation had been reached. This number of interviews would be consistent with researchers who suggest that at least eight informants be interviewed, or until saturation is reached (McCracken, 1988; Strauss and Corbin, 1998).

Results During the interviews, a common theme (consistent with institutional theory) emerged to describe why rms initially enact security efforts: pressures from the environment in which they operate. Respondents discussed SCS from a standpoint of why and how it impacted their organization. Respondents indicated that a variety of environmental

pressures caused their rms to take action. For example, the following quote indicates the power of security that can be brought about by environmental forces:
After 9/11, security didnt become cool, but it became okay to spend money on it. Anytime we are having trouble pushing through a security initiative with a supplier, all you really have to say is this is the post 9/11 environment, and you dont have to go any farther than that because whatever needs to get done gets done (Logistics Manager).

Institutional theory approach

This quote suggests that SCS is itself becoming institutionalized. In other words, SCS is something that is expected of members of a supply chain and if ignored or not salient, the mere mention of it causes action. Respondents specically mentioned several sources that inuence the formulation of SCS strategies including the government, customers, competition, and society. Each of these external pressures is discussed in more detail below. Government
C-TPAT is the most voluntary, non-voluntary program in the history of the US Government (CEO, Supply Chain Consulting Firm).

603

This quote illustrates the impact that the government has had on organizations due to security issues. The program mentioned, C-TPAT, is a voluntary government program in which organizations have been encouraged to participate. However, with the pressure applied from governmental agencies, the choice not to participate in this program may have serious detrimental effects for the rm such as direct costs (e.g. longer lead times due to extra inspection in ports of incoming goods) and indirect costs (e.g. losing potential customers as a result of not being certied by government programs). As a result, even the voluntary programs create pressure for organizations to participate. While most of the government initiatives are voluntary, some are mandatory. The threat of sanctions often results in compliance. Respondents in this study spoke of governmental security pressures as something they had to do without any choice as the government imposes security requirements that an organization has to participate in, with very little input on the initiative. This has altered the way rms make decisions. For example:
We have to abide by all bioterrorism laws and use those laws when making organizational decisions (Logistics Manager). For medium to large companies, the two biggest components of supply chain security are C-TPAT and export compliance. Most companies are dealing with supply chain security from a regulatory/compliance standpoint only. Companies are struggling to do other things: please customers, produce the products, marketing and sales. Companies are viewing this as a necessary evil. This will be their view until it happens to them. Most are trying to understand what the minimal is to get by (CEO, Supply Chain Consulting Firm).

Other respondents indicated that they were working with the government to adopt and abide by the regulations being imposed. While the same pressure was applied from the government, these respondents seemed to view the pressure as an opportunity to work closely with the government to ensure SCS. For example:
We were one of the rst companies to train all of our employees in the Highway Watch Program (VP of Security).

IJPDLM 39,7

We are involved with C-TPAT and the FAST program programs. Another way we work with the government is that we will fax all the paperwork over to the immigration/border folks an hour or so before our trucks get there, so when they do arrive, the there isnt the hassle to get through there (CEO, Third Party Logistics Provider). We felt that it was critical to partner with the government (Manager of Supply Chain Business Development). When it comes to security, I think that people are more diligent. The bio-terrorism act and C-TPAT have helped to raise awareness (Logistics Manager). We educate and work with regulatory agencies about our industry [Referring to partnering with the government on a TSA on a pilot program] (VP of Security).

604

This indicates that some rms feel that benets may exist in working with the government. By working with the government early and often, these individuals feel that their rms may benet. This view may resonate from the fact that from cooperation with the pressure source (government), lower levels of scrutiny or penalty may result. In other words, by abiding by governmental pressures for SCS, positive results came to some rms. So, rms may rationalize their supplier and customer base, thus eliminating supply chain waste. This requires knowing more detail and background of supply chain partners. Finally, respondents also discussed the impact that the governmental pressures had on their customers. The respondents indicated that the government policies created difcult situations for the exchange partners, but, often-positive effects on SCS did emerge. This may be the result of exchange partners working more closely and collaboratively to abide by the governmental policies. Customers
We do our security efforts for our customers rst (Senior Sourcing Manager). For the most part, rms are implementing security efforts for commercial considerations, such as customers demanding it (CEO, Supply Chain Consulting Firm). Security is driven by what our clients want, so sometimes we have to invest more resources for a particular client (Director of Account Management).

The above comments suggest that environmental pressure for SCS is being applied by customers. Customers create security expectations by which suppliers (both material and service providers) must comply to retain business and remain competitive. For example, the following quote illustrates that meeting customer demands may be necessary to continue to grow:
When a customer is looking for a supplier, the more secure you are, the more likely you are to pass their rst audit, and eventually win the business (Production Control Manager).

In many instances, customers demand security efforts that are greater than the measures that the government is imposing. Examples of this include 24 hours accessibility to tracking information and to supplier personnel, special requirements in the handling of goods, and documented emergency planning and response plans. The following illustrate demands that customers have imposed on suppliers to enhance security:

About a year ago we had a situation where we had some truckloads refused at some of our largest customers. We had several trucks refused from a large fast food chain not because our seals were broken, but rather because our seals were not of a specic kind that they required. Customers have imposed those standards on us that we use their specic seals. That was something we had to get used to (Logistics Manager). We had to increase the size of our package for security efforts. We did a lot of package redesign and every time, security was incorporated. Our customers wanted bigger boxes. This had a detrimental impact on the supply chain. We had to buy more corrugate, the boxes were bigger, so they weighed more, and we couldnt get as many on a pallet (Procurement and Supply Chain Manager).

Institutional theory approach

605

This pressure required respondents to make signicant changes to meet customer demands. There were even mentions of how customers required changes that were detrimental to the supplier. In general, the respondents indicate that they fear failing customers due to a security issue because it would be extremely devastating to any organization. Furthermore, the issue of failing customers had even deeper meaning to suppliers of critical care products. A respondent whose product line includes medical devices indicated that failing customers because of security issues was not an option. How customers are demanding security efforts from their suppliers was also evident as many respondents spoke from their own perspective as customers. From this view, respondents discussed the expectations they created for their suppliers:
Even though we are in control, there is a communal effort to this too. We create our standard operating procedure and distribute that to our suppliers. Everyone who has anything to do with our product must adhere to these strict guidelines and there are no second chances, so they must learn quick (Logistics Manager). We raised the bar with the supply base that we worked with. Our suppliers werent used to the security efforts that we were requiring (Procurement and Supply Chain Manager). We get surprised at how loose and lax our suppliers were with security, specically in terms of tracing and trace-ability of product. We have very good records of products that have come into our control However, many suppliers did not have the same capabilities. This is what has caused the interest in the supplier certication program [. . .] We require EDI capabilities from all our suppliers. We require GPS technology from all of our carriers as well (Logistics Manager).

A prime example of SCS customer pressure is illustrated by the demands being imposed on the trucking industry. Many rms discussed the process of hiring carriers who are seen as secure by providing evidence of safety, preparedness, and vigilance. Some rms referred to developing lists to accomplish this as their family carriers. In order to become a family carrier, a provider would have to meet a standardized set of guidelines, which were heavily laden with security requirements. For example:
We only hire carriers that are internally certied. This will help to make sure that all goes as smoothly as possible (Director of Account Management). We partner with other companies who are secure, our transportation providers, as part of our security strategy. We screen our suppliers very, very rigorously on the front end before bringing them on (Senior Sourcing Manager).

IJPDLM 39,7

Competitors Competitor pressures to engage in SCS also emerged from the ndings. In many cases, security practices are mimicked among competing rms. In other words, security best practices can be developed and copied among a competitive marketplace. In other instances, rms cited proactive security efforts as areas of differentiation, which would allow for marketing of SCS to their customers. For example:
We dont use security as a marketing tool enough. I think we have the tools and skills; we just do not use it as a differentiator yet. In the future we are going to have to though, because others around us [competitors] will be. The sad part is, well be looking at them [competitors] to gure what we should be doing (Director of Account Management).

606

Organizations partake in security efforts as the result of how other organizations see them. Creating the perception of security helps assist in creating legitimacy among peer rms. Further, the perception of legitimacy may have deterrent effects on potential security breaches. For example:
Our atbed division bought out some smaller companies. They still spend a lot of money updating equipment to meet or exceed standards, and this also impacts security. Part of security is perception. We dont want our trucks going up and down the road looking like junk. Not only would our customers and competitors have a eld day with that, I think it would just invite more people to try and attack us (Manager of Supply Chain Business Development).

This quote illustrates how the environment forces have caused the respondents rm to implement strategic initiatives for security efforts. The competitive marketplaces in which organizations operate cause them to take security efforts seriously and incorporate security efforts as an overall strategy. There may also be the feeling of necessity in the competitive marketplace. The following quote indicates that organizational brands are competitive advantages and rms fear any damage to them as it could hurt their competitive position:
Our biggest fear is that something contaminates; our biggest fear is ending up on the news for whatever reason. We try to protect our brand because were a brand driven organization. Specically, if a bio-hazardous agent gets delivered through us, well, there wouldnt be anyway quicker to the news and a shutdown of our organization (Senior Transportation Manager).

No rm wants to be the one that is responsible for dispersing acts of terrorism. This feeling resonates even deeper among rms that have spent many resources developing brands. Brand equity and the pressure felt from the competitive marketplace are causing rms to adopt SCS as the norm (i.e. becoming isomorphic), which is resulting in more and more rms implementing security efforts. Firms that view SCS as an opportunity are going beyond the norm in their marketplace and using security efforts to deter perpetrators from attacking their supply chains and in some instances, they differentiate themselves from other rms by using security efforts as a differentiation tool among competitors. Society Respondents often referred to activities that beneted society and also to their fear of harming anyone. One respondent from the food industry clearly mentioned fear as

a driving force of security measures. His fear was based on the impact on society if a security breach happened at his organization:
Contamination and bio-terrorism is what our top concern is. We are fully aware that if something goes down in our supply chain, there are a lot of people that could be negatively impacted (Logistics Manager).

Institutional theory approach

Other respondents referred to what if scenarios that caused fear. These scenarios were not the result of their direct impact on society, but rather, were the result of if they were involved in a security breach of some kind. For example:
We are concerned with manipulating our shipments; what if someone got a malicious object within one or our shipments? That would be a big security issue. We unfortunately do a lot of air freight both domestically and internationally. If a terrorist got a bomb within one of our shipments, we would be in a very tough situation as an organization [. . .] that situation might have dire impacts on innocent people (Production Control Manager). My old company came at security much differently (a rail company). If they had a security breach, they would not only shut down the railroads, but the country would shut down (CEO, Third Party Logistics Provider). We arent shipping certain products to certain customers in certain parts of the world. While there may be gains for us in terms of sales, the overall benet is ensuring everyones well being (Senior Transportation Manager).

607

In addition to specic societal concerns, it is interesting to note that respondents mentioned the media and professional conferences as sources of gathering information about security and society. One respondent mentioned attending a conference session on pandemic u. This session caused fear as he realized that this organization would not only suffer from something like bird u, but they might also be inadvertently assisting in its distribution. Discussion Because of the events of 9/11, organizations have become more aware of the threat of terrorism to business operations. Hence, many organizations have instituted prevention measures to minimize the potential impact of such man-made threats. The ndings presented here indicate that these types of disasters are top of mind to many executives and that rms are dedicating effort and resources to prevent and react to such disasters. These include collaborative arrangements with supply chain partners, better preparation, and response plans. Moreover, it is likely that the SCS resources and strategies dedicated to prevent and react to man-made disasters can also help rms prepare for and respond to all types of disasters including natural disasters (i.e. provisions for reestablishing interrupted operations, protocols for disaster recovery, etc.). Therefore, the objective of this study is to use institutional theory to understand the drivers of SCS to gain a better understanding of why a rm does the things it does. The ndings from the interviews indicate that four primary areas create pressure for SCS: customers, government, competitors, and society. Each of these is discussed below. First, since 9/11, the government has imposed many standards, policies, and procedures for the ow of goods into, within, and out of the USA to protect citizens from acts of terrorism and other potential threats. Prior to 9/11, government initiatives

IJPDLM 39,7

608

for SCM were primarily focused on keeping the general public from being exposed to potentially harmful contaminates. However, the role the government plays in supply chains has changed to imposing security regulations and requirements (Staff, 2003). A few of the new government initiatives impacting supply chains include: C-TPAT; CSI; Safe and Secure Tradelanes; FAST and Advanced Manifest Rule. Other SCS researchers (Eggers, 2004; Rice and Spayd, 2005) have also found that compliance with government regulations or voluntary programs are often the reason for investing in SCS. While most of the government initiatives are voluntary, some are mandatory. For example, nes of $25,000 per day can be imposed on organizations by the Coast Guard as part of new DHS security requirements (Steinman, 2004). These prior ndings combined with the ndings in the current study indicate that government pressure has caused rms to engage in security initiatives and/or comply with security expectations. Government pressure is a force, persuasion, or invitation that is applied both implicitly and explicitly by governmental agencies, which is adopted to comply or avoid sanctioning. Since the government has taken such a large role in security, many organizations are often left with no choice but to dedicate resources to SCS efforts. Some rms even take a preemptive approach to the environmental pressure by working with the government on establishing and testing the security programs. Furthermore, voluntary government programs, such as C-TPAT, are becoming standards, such that organizations have to comply to stay competitive. Additionally, as SCS becomes more standardized, it is suspected that the government will become more inuential in SCS development. Second, when it comes to SCS, customers are demanding better security in the ow of goods and, in order to remain competitive and protable, rms are responding. As supply chains become leaner, it is not surprising that customers are dictating SCS. Long-term relationships, which have long been the focus of industrial distribution, marketing, and supply chain research, all indicate that commitment, trust, and communication (among other factors) are relationship elements that can have a positive impact on the performance of the involved rms (Lambert et al., 2004). For example, Maloni and Benton (2000) suggest that strong buyer-seller relationships lead to the achievement of supply chain objectives from the involved parties. Security issues in supply chain relationships are another issue that organizations must now address. As such, customers are creating security requirements they feel best suit their needs and are pushing the initiatives up the supply chain. Whether it is because of an existing long-term commitment or the desire to create one, supplier rms are listening. It is important to note that the results of this study indicate that SCS initiatives ow one-way in the supply chain: upward. There was no mention by any of the respondents of suppliers dictating security requirements to customers. Rather, customers dictate and suppliers adhere to the desired standards. Interestingly, this nding is contrary to the framework presented by Carter and Ellram (1998) of drivers behind reverse logistics business practices in organizational supply chains. These researchers propose that in addition to the similar drivers of the government, customers, and competitors presented here that suppliers also act as a driver behind reverse logistics practices. Given that competitors, customers, and the government have much inuence on supply chains, it is not surprising that these drivers are consistent between different supply chain aspects. However, in the current study, suppliers were not identied by the respondents as having an impact on SCS.

As the ndings indicate, customers are increasingly making stringent demands of their suppliers for security efforts. Customer pressure is dened as a force, persuasion, or invitation that is applied both implicitly and explicitly by customers to which rms must respond. Suppliers of all kinds are answering the customers call for security through the development of programs, changes to operations, and to illustrate that their practices are secure. Third, since winning strategies in the marketplace tend to attract imitators, it is not surprising to nd that competitors can also drive SCS practices. Competition among supply chains can be intense, especially considering that is it not uncommon to nd that supplying rms are also competitors. Given that SCS is relatively new, not many best practices of SCS have been identied. As a result, rms are attempting to interpret what best practices are by analyzing marketplace competitors. As SCS continues to evolve, it will be imperative for rms to understand security best practices in their respective industries and competitors are good resources to provide that information. Based on the ndings related to competitors, it becomes salient that the competitive marketplace is causing organizations to become more security minded. Competitor pressure is dened as the pressure applied by the competitive marketplace creating the desire to appear similar to others by mimicking structures, practices, or outputs. Also, adopting the actions of the competition can protect an organization from the criticisms of competition (King and Lennox, 2001). This pressure helps explain why management practices are adopted when no empirical evidence exists to indicate performance benets (Abrahamson, 1996). Finally, since there is now a heightened awareness of the possibility of man-made disasters to supply chains, it is not surprising that societal reasons also caused rms to initiate SCS. Shef (2005) notes that organizations now have a higher responsibility to members of a society, which suggests that efforts are needed for SCS. Sources of this pressure can come from formal education, trade associations, professional groups, and even societal norms. In recent years, corporate social responsibility has become an important part of many organizational categories. Many interviewees suggested that organizations feel pressure from society because they do not want to be the next news story describing security negligence that led to harm of the general public. The societal pressure is twofold. First and foremost, rms feel a sense of responsibility to guard society by dedicating resources to keeping supply chains free from breaches that can harm the general public. Respondents did not want to bear the responsibility of being involved with harm of any member of society. If an organization were to have a serious SCS breach occur and had chosen to reject the pressure applied by society, it would likely suffer consequences that would be irreversible. Second, many rms spend tremendous resources on developing a strong, recognizable brand. Respondents expressed that by protecting society, they were also protecting their brand. Based on the comments by respondents, societal pressures are dened as cultural values and norms in which organizations attempt to benet society through organizational behavior. Societal pressures include doing the right thing attitudes and are causing organizations to take on security efforts. Theoretical contributions This research used institutional theory as the theoretical framework to understand what drives SCS. Results of qualitative depth interviews revealed that organizations

Institutional theory approach

609

IJPDLM 39,7

610

perceive pressure from sources such as customers, governmental agencies, competitors, and society. This presents a strong addition to theoretical knowledge concerning SCM as these drivers can be linked to the three environmental pressures discussed by institutional theory: coercive, normative, and mimetic pressures. This relationship is shown in Figure 1. First, coercive pressures are those that come through as force, persuasions, and invitations to participate with other external environment members. Often, coercive institutional pressures take the form of governmental regulations or laws. However, in this study, it was determined that customers are also exerting power and control when it comes to SCS. Force, persuasion, and coercion are not new topics to interorganizational relationships. Discussions of channel power have been illustrated in academic literature for well over 30 years (Hunt and Nevin, 1974; Stern and El-Ansary, 1977), with recent applications of supply chain relationships (Maloni and Benton, 2000; Williams and Moore, 2007). However, security requirements may be a new twist to the power elements between rms, as customers are causing supplying rms to enact security programs, whether these rms want to or not. Using the traditional power bases, this action would be classied as coercive power. Further, customers making security requirements of their suppliers may also have an implication on relationships. Traditionally, relationship literature discusses elements of commitment and trust. However, with customers creating security demands, the sense of security may become standard in interorganizational relationships. Second, organizations conform to environmental pressures because of moral and ethical obligations and what is expected of them (Scott, 1995). Essentially, these normative pressures are considered the legitimate way that things should be done. The suggestion that societal pressure is a primary reason that organizations are initiating SCS supports the work of Shef (2005) who suggests that organizations now have a higher responsibility in securing their assets and operations. The ndings here indicate that organizations are feeling and responding to the need for security. This presents a new notion for interorganizational relationships: can multiple rms work together to
Coercive pressures Normative pressure Mimetic pressure

Government

Customers

Society

Competitors

Figure 1. Model of the drivers of SCS

Supply chain security

create a collective benet for society? A related topic in supply chain research is the greening of the supply chain (Rao and Holt, 2005). The nal pressure is mimetic. This force is used to explain why organizations in an environment end up looking similar to one another. Mimetic force happens when institutions mimic one anothers structures, practices, etc. More specically, the competitors in a rms environment create practices and actions that everyone in the environment adopts in an effort to remain competitive. Mimetic pressures emerge when new or problematic situations arise in an environment. The mimicking occurs when organizations model themselves after other organizations that they believe are adequately managing their business to survive environmental conditions. Understanding the cause for change is critical for academic researchers. Of the literature dedicated to SCS, 9/11 is often cited as the catalyst of change. While that terrorist attack was the change agent, the underlying causes of change are pressures that rms experience from the environment in which they operate. Understanding the reasons for change is the rst step for further exploring a new phenomenon. Given the output of this research, academic researchers should investigate how different pressures may result in different types of SCS activities. Managerial contributions As supply chains increasingly become global, rms will be forced to adopt strategies for the secure ow of goods from raw material to end consumer. In order for managers involved in supply chains to make sound decisions, they must gain a better understanding of why some of those decisions are being initiated in the rst place. When it comes to SCS, the decisions to be made are not always easy, thus managers will benet from understanding the sources of the decisions to be made. The ndings of this study indicate that governmental requirements are a primary driver of SCS initiatives. Going forward, managers are going to need to work with governing bodies to successfully ensure SCS. As such, managers should use this knowledge to start working more collaboratively with government agencies. Additionally, security issues are increasingly atop the minds of many end consumers, which requires all supply chain members to take a look at security measures. Given that customers are a driver of security in the supply chain, managers should take notice and devise plans to elicit that information from primary customers. Furthermore, since customers are drivers of SCS efforts, supplying rms should consider using this information as a segmenting technique. By better understanding customer needs for SCS, supplying rms can use security requirements to develop tailored security programs. Finally, the ndings suggest that marketing security is going to become a key attribute to acquiring and retaining customers in the future. The current research should also help managers to increase their competitor intelligence. Currently, organizations conduct a variety of competitive marketplace intelligence generation. In the future, managers will need to update environmental scanning processes to include competitor SCS practices. Finally, managers should be working with members of society to better understand their expectations of security. In order to be corporate stewards, managers need to take SCS efforts seriously as society has deemed these factors to be important. Organizations may also need to dedicate resources to help educate the general public on security issues and what their organization is doing to make sure that society will be safe.

Institutional theory approach

611

IJPDLM 39,7

612

Future research As the expectations for security become greater, SCS should be viewed as an intraorganizational boundary spanning activity. For example, SCS may very well span from supply chain operations into marketing. During the interviews, it was suggested that SCS would soon become a marketing tactic. As customers are a key driver of initiating SCS, marketing may have a large role to play in working with customers to satisfy their SCS needs. In addition, marketing and supply chain research would each benet from investigating SCS as a segmentation technique. It is clear that many public and private initiatives are in place to create SCS. While this research does discuss government involvement in SCS, the evaluation only comes from one perspective: the private sector. Therefore, future research should work with the public sector to gain a holistic view of SCS. For example, research many try to work with government agents to gather a best practice list for public entities importing and exporting goods. Future research needs to further evaluate security issues relative to retailer SCS. Retailers are the last link before consumers in the supply chain. The recent barrage of consumer recalls (toys, food, etc.) indicates that consumers are susceptible to being impacted by goods distributed through retail outlets. As a result, retailers may have more security requirements placed on them because they engage in providing goods to the general public. Their drivers, strategies, and outcomes are likely to be very different from other supply chain members. In the future, research on SCS should investigate dyadic SCS relationships. For example, rm A may indicate that their security efforts are above average. However, rm B with a standing relationship with A may have a very different view of the security efforts. Further, when it comes to relationships and security, additional research is needed to better understand how security impacts organizational relationships (i.e. the interaction with trust and commitment). This research focuses on the physical security of goods. However, supply chains consist of more than just goods; information ow is a critical piece of effective SCM. For example, greater emphasis has recently been placed on the importance of securing data as it passes through the supply chain. Therefore, additional research is needed in terms of how information security is part of overall SCS management. This may also require boundary-spanning efforts with supply chain and information technology. The sample composition was intentional in that it included many different industries. That was appropriate in that the phenomenon of interest is relatively new and under researched. It is, however, recognized that some industries may experience different levels of pressure from different sources. For example, a food manufacturer may feel more pressure to develop SCS programs since they likely have more governmental guidelines to follow. This also presents an opportunity for more research in this area: understanding institutional pressures unique to various industry supply chains. Finally, the ndings of this study should be tested empirically. Empirical testing would further substantiate or falsify the drivers presented here. In addition, empirical testing might also be able to suggest if certain types of drivers result in different types of SCS strategies. This testing should control for variations in SCS practices that are the result of different industries. A limitation of note in the current study is the variety of industries represented in the nal sample. This can somewhat confound the ndings

in that higher or lower security needs can be found in different industries. For instance, pharmaceutical and food industries could be investigated and compared versus other industries such as light consumer electronics. These industry characteristics can cause greater or lesser inuence across the four sources of environmental pressure. Conclusion As managers have become more aware of the threat to supply chains, there has not only been a focus on making supply chains more efcient but also on making them more secure. Thus, this study responds to the calls for research on strategic issues related to SCS (Tang, 2006), into external persuasions on organizational adoption of SCS initiatives (Haughton, 2007), and on the impact of coercive pressures on the supply chain (Darnell, 2006). The depth interviews revealed that various institutional pressures (government, customers, competitors, society) act as drivers that cause rms to create a secure supply chain. Furthermore, these drivers are discussed by institutional theory as coercive, normative, and mimetic pressures. These drivers motivate rms to engage in strategies to prevent supply chain disasters. This study is important for practitioners and academics. As the study of security measures in the supply chain grows in importance, this study provides a foundation for understanding why security efforts are enacted. With resources being scarce, it is important for all managers to understand why additional allocations of funds to activities such as security are relevant for all organizations. To justify the allocation of resources, it is imperative to understand the underlying reasons (drivers) of change. For example, it is important for supply chain managers to understand that governmental pressures are being applied to rms to become more security focused. The understanding that government pressure is being applied may provide motivation for rms to take a more active role in government programs both for those already in progress and those that are in developmental stages.
References Abrahamson, E. (1996), Management fashion, Academy of Management Review, Vol. 21 No. 1, pp. 254-85. Bailey, K. (1994), Methods of Social Research, 4th ed., The Free Press, New York, NY. Carter, C.R. and Ellram, L.M. (1998), Reverse logistics: a review of the literature and framework for future investigation, Journal of Business Logistics, Vol. 19 No. 1, pp. 85-102. Christopher, M. and Peck, H. (2004), Building the resilient supply chain, International Journal of Logistics Management, Vol. 15 No. 2, pp. 1-14. Closs, D.J. and McGarrell, E.F. (2004), Enhancing security throughout the supply chain, Special Report Series, IBM Center for The Business of Government, available at: www. businessofgovernment.org Czinkota, M.R. and Knight, G.A. (2005), Managing the terrorist threat, European Business Forum, Vol. 20, pp. 42-5. Czinkota, M.R., Knight, G.A., Liesch, P.W. and Steen, J. (2005), Positioning terrorism in management and marketing: research propositions, Journal of International Management, Vol. 11 No. 4, pp. 581-604. Darnell, N. (2006), Why rms mandate ISO 14001 certication, Business & Society, Vol. 45 No. 3, pp. 354-81.

Institutional theory approach

613

IJPDLM 39,7

614

DiMaggio, P.J. and Powell, W.W. (1983), The iron cage revisited: institutional isomorphism and collective rationality in organizational elds, American Sociological Review, Vol. 48, pp. 147-60. Eggers, W.D. (2004), Prospering in the secure economy, A Deloitte Research Study, Deloitte Touche Tohmatsu, New York, NY, available at: www.deloitte.com Falkner, R. (2003), Private environmental governance and international relations: exploring the links, Global Environmental Politics, Vol. 3 No. 2, pp. 72-87. Fennell, M. and Alexander, J.A. (1987), Organizational boundary spanning in institutional environments, Academy of Management Review, Vol. 87 No. 3, pp. 456-76. Golicic, S.L. and Mentzer, J.T. (2005), Exploring the drivers of interorganizational relationship magnitude, Journal of Business Logistics, Vol. 26 No. 2, pp. 47-71. Goodstein, J.D. (1994), Institutional pressures and strategic responses: employer involvement in work-family issues, Academy of Management Journal, Vol. 37 No. 2, pp. 350-82. Greening, D.W. and Gray, B. (1994), Testing a model of organizational response to social and political issues, Academy of Management Journal, Vol. 37 No. 3, pp. 467-98. Grewal, R. and Dharwadkar, R. (2002), The role of the institutional environment in marketing channels, Journal of Marketing, Vol. 66, pp. 82-97. Hatch, M.J. (1997), Organizational Theory: Modern, Symbolic, and Postmodern Perspectives, Oxford University Press, New York, NY. Haughton, M.A. (2007), Examining the business case for shipper participation in Canada-USA trade security programmes, International Journal of Logistics Research and Applications: A Leading Journal of Supply Chain Management, Vol. 10 No. 4, pp. 1-17. Health and Human Services Web site (2008), The US Department of Health and Human Services, available at: www.hhs.gov/disasters/emergency/manmadedisasters/index.html (accessed January 31, 2008). Hoffman, A.J. (1997), From Heresy to Dogma: An Institutional History of Corporate Environmentalism, New Lexington Press, San Francisco, CA. Hoffman, A.J. (1999), Institutional evolution and change: environmentalism and the US chemical industry, Academy of Management Journal, Vol. 42 No. 4, pp. 351-71. Hunt, S.D. and Nevin, J.R. (1974), Power in a channel of distribution: sources and consequences, Journal of Marketing Research, Vol. 11 No. 2, pp. 186-93. Ingram, P. and Simons, T. (1995), Institutional and resource dependence determinants of responsiveness to work family issues, Academy of Management Journal, Vol. 38 No. 5, pp. 1466-82. Jennings, P.D. and Zandbergen, P.A. (1995), Ecologically sustainable organizations: an institutional approach, Academy of Management Review, Vol. 20 No. 4, pp. 1015-52. Karkkainen, M., Laukkanen, S., Sarpola, S. and Kemppainen, K. (2005), Roles of interrm information systems in supply chain management, International Journal of Physical Distribution & Logistics Management, Vol. 37 No. 4, pp. 264-86. Khalifa, M. and Davison, R.M. (2006), SME adoption of IT: the case of electronic trading systems, IEEE Transactions on Engineering Management, Vol. 53 No. 2, pp. 275-84. King, A. and Lennox, M. (2001), Who adopts management standards early? An examination of ISO 14001 certications, in Nagao, D. (Ed.), Best Paper Proceedings: Fifty-Ninth Meeting of the Academy of Management, Academy of Management, Washington, DC, pp. A1-A6. Lambert, D.M., Knemeyer, A.M. and Gardner, J.T. (2004), Supply chain partnerships: model validation and implementation, Journal of Business Logistics, Vol. 25 No. 2, pp. 21-42.

Lau, K.H. and Zhang, J. (2006), Drivers and obstacles of outsourcing practices in China, International Journal of Physical Distribution & Logistics Management, Vol. 36 No. 10, pp. 776-92. McCracken, G. (1988), The Long Interview, Sage, Beverly Hills, CA. McFarland, R.G., Bloodgood, J.M. and Payan, J.M. (2008), Supply chain contagion, Journal of Marketing, Vol. 72, pp. 63-79. Maier, D.D. (2005), Inuences on executives perceptions of consulting, dissertation, Benedictine University, Lisle, IL. Maloni, M. and Benton, W.C. (2000), Power inuences in the supply chain, Journal of Business Logistics, Vol. 21 No. 1, pp. 49-73. Manuj, I. and Mentzer, J.T. (2008), Global supply chain risk management strategies, International Journal of Physical Distribution & Logistics Management, Vol. 38 No. 3, pp. 192-223. Meyer, J.W. and Rowan, B. (1977), Institutionalized organizations: formal structure as myth and ceremony, The American Journal of Sociology, Vol. 83 No. 2, pp. 340-63. Naslund, D. (2002), Logistics needs qualitative research especially action research, International Journal of Physical Distribution & Logistics Management, Vol. 32 No. 5, pp. 321-38. Peck, H. (2005), Drivers of supply chain vulnerability: an integrated framework, International Journal of Physical Distribution & Logistics Management, Vol. 35 No. 4, pp. 210-32. Powell, W.W. and DiMaggio, P.J. (1991), The New Institutionalism in Organizational Analysis, University of Chicago Press, Chicago, IL. Prokop, D. (2004), Smart and safe borders: the logistics of inbound cargo security, The International Journal of Logistics Management, Vol. 15 No. 2, pp. 65-75. Rao, P. and Holt, D. (2005), Do green supply chains lead to competitiveness and economic performance?, International Journal of Operations & Production Management, Vol. 25 No. 9, pp. 898-916. Rice, J.B. Jr and Caniato, F. (2003), Building a secure and resilient supply network, Supply Chain Management Review, Vol. 7 No. 5, pp. 22-30. Rice, J.B. Jr and Spayd, P.W. (2005), Investing in supply chain security: collateral benets, Special Report Series, IBM Center for The Business of Government, available at: www.ibm.com Rinehart, L.M., Myers, M.B. and Eckert, J.A. (2004), Supplier relationships: the impact on security, Supply Chain Management Review, Vol. 8 No. 6, pp. 52-9. Rittner, L., Barrett, J.M. and Wilson, R. (2007), Securing Global Transportation Networks: A Total Security Management Approach, McGraw-Hill, New York, NY. Sawhney, R. and Sumukadas, N. (2005), Coping with customs clearance uncertainties in global sourcing, International Journal of Physical Distribution & Logistics Management, Vol. 35 No. 4, pp. 278-95. Scott, W.R. (1987), The adolescence of institutional theory, Administrative Science Quarterly, Vol. 32 No. 4, pp. 493-511. Scott, W.R. (1995), Institutions and Organizations, Sage, Thousand Oaks, CA. Scott, W.R. (1998), Organizations: Rational, Natural, and Open Systems, Prentice-Hall, Upper Saddle River, NJ. Scott, W.R. (2001), Institutions and Organizations, 2nd ed., Sage, Thousand Oaks, CA. Scott, W.R. (2005), Institutional theory: contributing a to theoretical research program, in Smith, K.G. and Hitt, M. (Eds), Great Minds in Management: The Process of Theory Development, Oxford University Press, Oxford, pp. 460-84.

Institutional theory approach

615

IJPDLM 39,7

Selznick, P. (1957), Leadership in Administration: A Sociological Perspective, Harper & Row, New York, NY. Selznick, P. (1984), Leadership in Administration, Peterson, Evanston, IL. Shawdon, C. (2006), What do global shippers really think, Supply Chain Management Review, Vol. 10 No. 9, pp. 6-9.

616

Shef, Y. (2001), Supply chain management under the threat of international terrorism, International Journal of Logistics Management, Vol. 12 No. 2, pp. 1-11. Shef, Y. (2005), The Resilient Enterprise: Overcoming Vulnerability for Competitive Advantage, MIT, Cambridge, MA. Sheu, C., Lee, L. and Niehoff, B. (2006), A voluntary logistics security program and international supply chain partnership, Supply Chain Management: An International Journal, Vol. 11 No. 4, pp. 363-74. Shunk, D.L., Carter, J.R., Hovis, J. and Talwar, A. (2007), Electronics industry drivers of intermediation and disintermediation, International Journal of Physical Distribution & Logistics Management, Vol. 37 No. 3, pp. 248-61. Slack, T. and Hinings, B. (1994), Institutional pressures and organizational change: an empirical test, Organizational Studies, Vol. 15 No. 6, pp. 803-27. Spekman, R.E. and Davis, E.W. (2004), Risky business: expanding the discussion on risk and the extended enterprise, International Journal of Physical Distribution & Logistics Management, Vol. 34 No. 5, pp. 414-33. Staff (2003), Supply chain challenges: building relationships, Harvard Business Review, Vol. 81 No. 7, pp. 64-73. Steen, J., Liesch, P.W., Knight, G.A. and Czinkota, M.R. (2006), The contagion of international terrorism and its effects on the rm in an interconnected world, Public Money & Management, Vol. 26 No. 5, pp. 305-12. Steinman, C. (2004), The Unnished Agenda Transportation Security Survey, Deloitte Services LP, Aviation and Transport Services Industry, New York, NY, available at: www.deloitte. com Stern, L.W. and El-Ansary, A. (1977), Marketing Channels, Prentice-Hall, Englewood Cliffs, NJ. Strauss, A. (1990), Basics of Qualitative Research: Grounded Theory Procedures and Techniques, Sage, Newbury Park, CA. Strauss, A. and Corbin, J. (1998), Basics of Qualitative Research: Grounded Theory Procedures and Techniques, Sage, Thousand Oaks, CA. Suchman, M.C. (1995), Managing legitimacy: strategic and institutional approaches, Academy of Management Review, Vol. 20 No. 3, pp. 571-610. Tang, C.S. (2006), Robust strategies for mitigating supply chain disruptions, International Journal of Logistics: Research and Applications, Vol. 9 No. 1, pp. 33-45. Teo, H.H., Wei, K.K. and Benbasat, I. (2003), Predicting intention to adopt interorganizational linkages: an institutional perspective, MIS Quarterly, Vol. 27 No. 1, pp. 19-49. Thibault, M., Brooks, M.R. and Button, K.J. (2006), The response of the U.S. maritime industry to the new container security initiatives, Transportation Journal, Vol. 45 No. 1, pp. 5-15. Tolbert, P.S. and Zucker, L.G. (1996), The institutionalization of institutional theory, in Clegg, S.R., Nord, W.N. and Hardy, C. (Eds), Handbook of Organization Studies, Sage, Thousand Oaks, CA, pp. 175-90.

Venus Lun, Y.H., Wong, C.W.Y., Lai, K.-H. and Cheng, T.C.E. (2008), Institutional perspective on the adoption of technology for the security enhancement of container transport, Transport Reviews, Vol. 28 No. 1, pp. 21-33. Williams, Z. and Moore, R. (2007), Supply chain relationships and information capabilities: the creation and use of information power, International Journal of Physical Distribution & Logistics Management, Vol. 37 No. 6, pp. 469-83. Williams, Z., Lueg, J.L. and LeMay, S.A. (2008), Supply chain security: an overview and research agenda, International Journal of Logistics Management, Vol. 19 No. 2, pp. 254-81. Wilson, R. (2005), Security report card not making the grade; 16th annual state of logistics report, White Paper, Council of Supply Chain Management Professionals, Lombard, IL, available at: www.cscmp.org Zsidisin, G.A., Melnyk, S.A. and Ragatz, G.L. (2005), An institutional theory perspective of business continuity planning for purchasing and supply chain management, International Journal of Production Research, Vol. 43 No. 16, pp. 3401-20. Zucker, L.G. (1977), The role of institutionalism in cultural persistence, American Journal of Sociology, Vol. 42 No. 5, pp. 726-43. Zucker, L.G. (1987), Institutional theories of organization, Annual Review of Sociology, Vol. 13, pp. 443-64. Appendix. Qualitative interview guide Opening . Introductions of primary researcher and participant. . Explanation of the study. . Condentiality agreement. . Permission to audiotape. . Provide Closs and McGarrell (2004) denition of supply chain security. Demographic data . Title of participant, current job title, years of experience. General questions . Why or what has caused your organization to develop or implement supply chain security? . How has supply chain security management impacted your organization? . Why has supply chain security management impacted your organization? . What activities help create supply chain security management at your organization? Other probing questions . Can you explain that in more detail? . Can you provide an example of that? About the authors Zachary Williams is an Assistant Professor of Marketing and Logistics at Central Michigan University. He received his PhD from Mississippi State University. He has published articles in the International Journal of Physical Distribution & Logistics Management, the Journal of Business Logistics, and the International Journal of Logistics Management, among others. His dissertation research on supply chain security was recognized with awards from the Institute for

Institutional theory approach

617

IJPDLM 39,7

618

Supply Management and the Supply Chain Management Research Center in the Sam Walton College of Business at the University of Arkansas. Zachary Williams is the corresponding author and can be contacted at: willilzs@cmich.edu; zac.williams@cmich.edu Jason E. Lueg is an Associate Professor of Marketing at Mississippi State University. He holds a PhD and MBA from The University of Alabama. His professional experience includes positions in the banking industry in both operations/compliance and commercial lending. His research and teaching interests are in the areas of supply chain management, retailing, and strategy. Ronald D. Taylor is a Professor of Marketing and Associate Dean at Mississippi State University. He is a fellow with both the Society for Marketing Advances and the Marketing Management Association. Robert L. Cook is a Professor of Marketing and Logistics at Central Michigan University. He received his PhD in Marketing at Michigan State University. His primary research interests have been in the areas of applying information system technologies to logistics systems, supply chain structure and logistics education.

To purchase reprints of this article please e-mail: reprints@emeraldinsight.com Or visit our web site for further details: www.emeraldinsight.com/reprints