Search results

Many governments and public organizations are turning to shared service arrangements to decrease costs while increasing service levels. This paper aims to elucidate the fine-grained challenges managers face as they adjust to working under a shared service arrangement.

A two-year longitudinal ethnographic field study followed the IT shared service transformation process at a large public university. Meeting observations, emails, documents and interviews were used in the qualitative analysis.

The research identifies 11 challenges faced by management undergoing a transition to shared services. The authors use a taxonomy of management challenges based on the organizational perspectives literature (Knol et al., 2014) to organize the challenges and relate them to prior literature.

The novel findings include the importance of changing organizational culture, balancing dual interests of cost and customer focus, establishing a sense of urgency and achieving process standardization through practicing when adopting a shared service arrangement. The results from a single case study may not by generalizable to other organizations.

This study provides a nuanced and fine-grained understanding of the managerial challenges of adopting IT-shared services. This unique longitudinal data set describes in nuanced detail the challenges faced by frontline managers.

Action research (AR), which emphasises collaboration between researchers and practitioners, is a qualitative research method that has much potential for the information systems (IS) field. AR studies of IS phenomena are now beginning to be published in the IS research literature. However, the rigour of many AR studies in IS can be improved. When AR has been published, the findings have frequently been emphasised at the expense of the process. In this article, we look at the process in AR projects, and look at some of the key choices and alternatives in controlling AR. We discuss three aspects of control: the procedures for initiating an AR project, those for determining authority within the project, and the degree of formalisation. We analyse seven recent AR projects in IS and from this analysis distil recommendations for determining these control structures.

The purpose of this paper is to develop and evaluate an integrated computer abuse model that incorporates both organizational abuse settings and the psychological processes of the abuser.

The paper developed an emote opportunity (EO) model through a comprehensive literature review and conducted a case study to evaluate the explanatory and prescriptive usefulness of the model.

The EO model helps explain the interaction between organization-centric factors and individual-centric factors. It also helps explain how potential computer abusers elicit an emotion process component that ultimately contributes to computer abuse behaviors. The model connects both organizational external regulation processes and individual internal regulation processes to emote process components of potential abusers.

The study considers only organizational computing resources as the target of computer abuse. The model is evaluated by historical data from a computer abuse case. Future research with contemporary empirical data would further evaluate these findings. Organizations should be aware of the opportunities they create for abuse and the emotional state-of-mind of potential abusers within organizations.

Organizations should take a holistic approach that incorporates personal emotions and organizational abuse opportunity settings to prevent computer abuse.

A multilevel, integrated EO model incorporating organizational environment and individual emotion processes provides an elaborated and holistic understanding of computer abuse. The model helps organizations consider the emotional state-of-mind of abusers as well as their organizational situation.

There is an increasing movement towards emergent organizations and an adaptation of Web‐based information systems (IS). Such trends raise new requirements for security policy development. One such requirement is that information security policy formulation must become federated and emergent. However, existing security policy approaches do not pay much attention to policy formulation at all – much less IS policy formulation for emergent organizations. To improve the situation, an information security meta‐policy is put forth. The meta‐policy establishes how policies are created, implemented and enforced in order to assure that all policies in the organization have features to ensure swift implementation and timely, ongoing validation.

Examines Just‐in‐Time (JIT) from its evolution as a Japanese concept through to a review of its philosophy and implementation. Cites several techniques of implementation. Includes a review of the early work of various researchers and practitioners. Concludes that JIT is a very effective manufacturing philosophy which is universal in nature encompassing all aspects of manufacturing. Suggests a few deficiencies in current literature.

Information security has increasingly been in the headlines as data breaches continue to occur at alarming rates. This paper aims to propose an Information Security Preparedness Model that was developed to examine how SME executives’ perceptions of security importance, implementation challenges and external influences impact their awareness and commitment to security preparedness.

Funded by the Department of Justice, a national survey of SME executives’ perceptions of information security preparedness was conducted. Using PLS-SEM, the survey responses were used to test the proposed Information Security Preparedness Model.

The results indicate that as perceptions of security importance and external influences increase, SME executives’ awareness and commitment to information security also increases. In addition, as implementation challenges increase, awareness and commitment to information security decreases. Finally, as security importance and awareness and commitment to information security increases, executives’ perception of security preparedness also increases.

Executive perceptions of information security were measured and not the actual level of security. Further research that examines the agreement between executive perceptions and the true state of information security within the organization is warranted.

Prior information security studies using Roger’s (1975, 1983) Protection Motivation Theory have produced mixed results. This paper develops and tests the Information Security Preparedness Model to more fully explain SME executive’s perceptions of information security.

While a number of IS security researchers consider the threat posed by employees who perpetrate computer crime, there is currently a lack of insight into how the offender interacts with the criminal context both prior to and during commission. A greater understanding of this relationship may complement existing security practices by possibly highlighting new areas for safeguard implementation. To help facilitate a greater understanding of the offender/environment dynamic, this paper, therefore, aims to assess the feasibility of applying three criminological theories to the IS security context. Rather than focusing on why people become criminals, these theories entitled routine activity theory, environmental criminology and the rational choice perspective, focus on the criminal act.

Drawing on an account of the Barings Bank collapse, events highlighted in the case study are used to assess whether concepts central to the theories are supported by the data.

Analysis indicates support for the concepts central to environmental criminology and the rational choice perspective. While case study evidence supports two of the concepts advanced by routine activity theory, as a whole the theory is found wanting, as the “guardianship” and “handled offender” concepts appear to lack the necessary sophistication to theoretically accommodate and explain supervisory and control failings cited in the case study.

While future research could encompass continued application of the theories to further assess their suitability for the IS domain, consideration could also be given to the application of the preventive tools and methods which have been developed in tandem with the three criminological approaches. Another stream of future research may involve the application of the theories in conjunction with existing security practices.

Greater knowledge of the offender/context dynamic may feasibly enhance existing security practices by possibly highlighting new areas for safeguard implementation.

From an IS security perspective, there is currently a lack of insight into the offender/context dynamic. The paper presents a group of criminological theories, which have previously not been considered for application in the IS context. The theories may feasibly throw light on the behaviour of offenders in the criminal context, both prior to and during commission.

The purpose of the paper is to determine whether management’s optimistic perceptions of their organization’s level of information security preparedness can ultimately result in increased information security risks.

A case study was conducted in a financial institution. In all, 24 employees were interviewed. These employees came from all functional areas and various positions, from tellers to executives. Interviews were conducted, internal policies and examiners’ reports were made available and access was given to observe the employees during working hours and to observe the facilities after hours.

Executives were overly optimistic about the level of information security at their organization. These optimistic perceptions guided security priorities; however, the findings show that their perceptions were misguided leaving their organization open to increased security threats. More specifically, the results show that optimist perceptions by management can put an organization’s information at risk.

The paper uses existing theory and evaluates it in a “real-world” setting. For security research, it can be difficult to get honest responses from questionnaires; however, the hands-on approach provided a deeper insight to the problem of optimistic perceptions in an organizational setting. For practitioners, the case can raise managements’ awareness of perceptional inaccuracies, resulting in more informed information security decisions and ultimately improved security for their organization.

This research presents uncomfortable questions about the viability of alternative energy technologies, which arise during economic contraction and degrowth but are scarcely addressed within media and academia.

The author identifies and graphically illustrates differences between media expectations for renewable energy production versus energy reduction strategies. The author contrasts green energy expectations with material factors to develop unasked questions about potential: urban myths (e.g. solar cells are made from sand), assumptions (e.g. alternative energy is of comparable quality to fossil fuel energy and can offset its use), strategic ignorance (e.g. solar cost drops reflect Moore’s law), and trained incapacity (e.g. solar and wind energy is low- or zero-carbon).

Compared to energy reduction coverage, journalists cover energy production using 1) more character-driven storytelling, 2) about twice the promising language, and 3) far more references to climate change and energy independence. These observations help loosely illustrate a pervasive energy production ethos, a reflexive network including behaviors, symbols, expectations, and material conditions.

Fascination with alternative energy may serve as a form of techno-denial to avoid facing the uncertain but inevitable end of growth in consumption and population on our finite planet.

This paper offers journalists, policymakers, researchers, and students new, unasked, questions regarding the expectation that alternative energy technologies can replace fossil fuel. For instance, if wind and sunlight are free, why are wind and solar energies so expensive, requiring billions in subsidies? Where do solar cell and wind turbine costs ultimately arise, if not from fossil fuels (via labor, materials, etc.)?

GLASGOW was later by about one hundred and thirty years than some of the Scotch towns in establishing a printing press. Three hundred years ago, though Glasgow contained a University with men of great literary activity, including amongst others Zachary Boyd, there does not appear to have been sufficient printing work to induce anyone to establish a printing press. St. Andrews and Aberdeen were both notable for the books they produced, before Glasgow even attempted any printing.