Daniel C. Phelps

Area Head, Information Systems
Associate Teaching Professor, Information Systems

[ + ]


Daniel C. Phelps is an associate teaching professor and the area head for the Information Systems Program at Carnegie Mellon University in Qatar. Previously, he was a member of the technical staff and information scientist with CMU’s Software Engineering Institute/CERT both in Pittsburgh and in Qatar, as well as a faculty member in the College of Information, Florida State University in Panama City, FL.


Ph.D., Information Studies, Florida State University

M.Ed., Measurement, Evaluation, Statistics, and Assessment, University of Illinois at Chicago 

M.S. Computer Science, James Madison University

PGCert, Information Systems, Naval Postgraduate School 


Area Of Expertise

Information System Security

Clinical Informatics

Measurement and Statistics


Research Description

Phelps’ research interests center on socio-technical aspects of information system security and include control use in information systems, information system auditing, information security, and social and personality factors related to normative and non-normative system interactions. His research has examined factors associated with a systems administrator’s ability to secure information systems, IT control choice and implementation impacts on organizations, insider threats subverting the security of their organization’s systems, and the actions of larger groups attacking an outside organization’s system. 

Research Keywords

information systems security; information systems; socio-technical controls; non-normative system interaction


Publications – Monographs

Workman, M., Phelps, D., Gathegi, J. (2012). Information Security for Managers. Sudbury, MA: Jones and Bartlett. ISBN13: 9780763793012

Workman, M., Phelps, D., & Workman, J. (2006). Management of Infosec and a Guide to the Center for Immigration and National Security CINSecL1. Atlanta, GA: CINS Publications, eAselworx Press. ISBN: 0964957590

Publications – Journals and Whitepapers

Phelps, D.C. (2015) Information System Security for the Psychologist: An Introduction to the Field. Call Signs Vol 5(2)

Workman, M., Phelps, D.C. & Hare, R.C. (2013) A Study of Performative Hactivist Subcultures and Threats to Businesses, Information Security Journal: A Global Perspective, 22:4, 187-200

Phelps, D., Gathegi, J., Workman, M., Heo, M. (2012). Information System Security: Self-Efficacy and Implementation Effectiveness. Journal of Information System Security. Vol 8(1)

Milne, Kurt; Phelps, Dan. (Dec 2008). IT Controls: Good for Operations. The Internal Auditor 65:6 pg. 80

Milne, K. and Phelps, D. (2008). Leveraging IT Controls To Improve IT Operating Performance. Institute of Internal Auditors Research Foundation

Cappelli, D.M., Moore, A.P., Phelps, D., Shaw, E.D., & Trzeciak, R.F. (2007). Research methodology for the CERT insider threat project: Modeling human behavior in cyberspace (FOUO). Pittsburgh, PA: CERT Program, Survivable Enterprise Management, Carnegie Mellon University

Milne, K. & Phelps, D., ITPI Research Report: IT Controls Performance Study. Information Technology Process Institute, June 2007

Phelps, D., Kim, G., & Milne, K. (2006). Initial Findings from the IT Controls Benchmarking Study. Information Technology Process Institute, WhitePaper Series, February 2006 

Conference Presentations and Symposia

Phelps, D. “An Evaluation of Workman’s Model of Psychological Motives for Corporate Harassment Differentiated by Construal of Self.” Global IT Management Association Conference, St. Louis, MO, June 2015

Liginlal, D., Phelps, D., Lansine, K. “Tracking the Socio-Technical Barriers to Digital Identity Adoption in Arab Countries A Case Study of Qatar.” 9th International Conference on E-Governance (ICEG-2012), Cochin, Kerala, India, 29-30 December 2012

Phelps, D. “Hactivism: Perceived Injustice, Group Efficacy, and Action Tendencies.” 6th INTERPOL’s Group meeting MENA Region, Doha, Qatar, 20 March 2012

Phelps, D. “Hactivism: Perceived Injustice, Group Efficacy, and Action Tendencies.” QCERT – QIT- COM, Doha, Qatar, 6 March 2012

Phelps, D. “A Process Approach to Security.” Air Force Cyber Scientific Advisory Board, Boston, MA, 9 May 2007

Phelps, D. and Kim, G., “Phase Two of the IT Controls Benchmarking Survey.” IT Service Management Forum Conference, Salt Lake City, UT, 18 -21 September 2006

Phelps, D. and Gathegi, J., “Information Security Self-Efficacy.” Americas Conference on Information Systems (AMCIS), Mini Track: Socio-technical dimensions in IS Security, Acapulco, Mexico, 4 6 August 2006

Phelps, D. and Kim, G., “ITIL: Whats change got to do with it?” Information Systems Audit and Control Association (ISACA) 2006 International Conference, Adelaide, Australia, 31 July 2 August 2006

Phelps, D., “Change Control The Relationship Between IT Controls and Operational Measures.” Securities Industry Association Technology Management Conference, New York, NY, 22 June 2006

Phelps, D. and Milne, K., “Understanding the Audit, Operations, and Security Performance Impact of IT Control Activities.” Institute of Internal Auditors IT Audit Research Symposium, Austin, TX, 18 June 2006

Phelps, D., “IT Change Control: The Greatest Differentiator Between Good and Great.” IT Service Management Forum Conference, Minneapolis, MN, 17 May 2006

Phelps, D. and Kim, G., “The Pareto Principle of IT Controls.” IT Service Management Forum Conference, Cincinnati, OH, 27 April 2006

Phelps, D. and Kim, G., “Prioritizing Processes and Controls for Effective and Measurable Security.” Nebraska INFRAGUARD Security Metrics Workshop, Omaha, NE, 13 April 2006 

University Service

Chair, MOI Police Training Committee, 2012 – 2013
Chair, Undergraduate Conference in Information Systems, 2010, 2011, 2012
Program Chair, Undergraduate Conference in Information Systems, 2015, 2016
AIS Student Chapter Faculty Advisor 2009-2012, 2014 – Present

  • 2010 AIS Student Chapter Communication Award
  • 2012 IT Risk Management Case Competition 1st Place Award

Member, First Year Students Advisory Committee, 2009 – Present
Member, Second Year Students Advisory Committee, 2009 – Present
Member, Student Affairs hiring committee, 2015
Member, Librarian hiring committee, 2011 – 2012
Member, IS faculty hiring committee, 2011, 2012, 2015
Member, Head Librarian hiring committee, 2012
Member, Assistant to Associate Teaching Faculty Promotion Committee (x1)
Member, Outreach Review Committee, 2012
Member, Academic Review Board, 2012 – 2016 

Professional Activities


Journal of Information Systems Education (2015), ISSN 1055-3096
Journal of Information Privacy and Security (2015), ISSN 1553-6548 (Print), 2333-696X ( Online)
International Journal of Human Resources Development and Management, ISSN 1465-6612
International Journal of Business Environment, ISSN 1740-0589
America’s Conference on Information Systems (AMCIS), Spring 2014
America’s Conference on Information Systems (AMCIS), Spring 2012
Hawaii International Conference on System Sciences (HICSS-43), 5-8 January, 2010
9th International Business Information Management Association Conference (IBIMA), Marrakech, Morocco 4-6 January 2008
International Conference on Information Systems (ICIS), Fall 2007
America’s Conference on Information Systems (AMCIS), Spring 2006
Handbook of Information Security, H. Bigdoli, ed., John Wiley & Sons, 2005
ACM Special Interest Group for IT Education (SIGITE) conference, Fall 2005

Professional Society Memberships

Member, American Statistical Association, 2013 – Present
Associate, American Psychological Association, 2013 – Present
Member, Association for Information Systems, 2005 – Present
Student Chapter Development Committee, 2010 – Present
Secretary, Student Chapter Development Committee, 2011 – Present
Co-Chair, Student Chapter Awards Committee, 2011 – 2012
Executive Committee and Founding Member, Qatar ISOC Chapter, 2011 – 2013
Member, National Cybersafety Committee, 2010 – 2015
Member, American Library Association, 2010 – 2014 

Courses Taught

67-364 – Practical Data Science
67-272 – Application Design and Development
67-273 – Application Design and Development I
67-274 – Application Design and Development II 
67-102 – Concepts of Information Systems
67-301 – Networks and Telecommunications
67-280 – Information System Security
67-313 – Information Systems Audit and Controls
Independent Study – Various 
Senior Theses:

Marwa AlFakhri, 2012 – 2013
“The Effect of Displaying Privacy Information on The Arab Culture”

Fatema Akbar, 2012 – 2013
“What affects students acceptance and use of technology?”