30 resultados para critical information infrastructure
Resumo:
It has been suggested that, in order to maintain its relevance, critical research must develop a strong emphasis on empirical work rather than the conceptual emphasis that has typically characterized critical scholarship in management. A critical project of this nature is applicable in the information systems (IS) arena, which has a growing tradition of qualitative inquiry. Despite its relativist ontology, actor–network theory places a strong emphasis on empirical inquiry and this paper argues that actor–network theory, with its careful tracing and recording of heterogeneous networks, is well suited to the generation of detailed and contextual empirical knowledge about IS. The intention in this paper is to explore the relevance of IS research informed by actor–network theory in the pursuit of a broader critical research project as de? ned in earlier work.
Resumo:
The protection of cyberspace has become one of the highest security priorities of governments worldwide. The EU is not an exception in this context, given its rapidly developing cyber security policy. Since the 1990s, we could observe the creation of three broad areas of policy interest: cyber-crime, critical information infrastructures and cyber-defence. One of the main trends transversal to these areas is the importance that the private sector has come to assume within them. In particular in the area of critical information infrastructure protection, the private sector is seen as a key stakeholder, given that it currently operates most infrastructures in this area. As a result of this operative capacity, the private sector has come to be understood as the expert in network and information systems security, whose knowledge is crucial for the regulation of the field. Adopting a Regulatory Capitalism framework, complemented by insights from Network Governance, we can identify the shifting role of the private sector in this field from one of a victim in need of protection in the first phase, to a commercial actor bearing responsibility for ensuring network resilience in the second, to an active policy shaper in the third, participating in the regulation of NIS by providing technical expertise. By drawing insights from the above-mentioned frameworks, we can better understand how private actors are involved in shaping regulatory responses, as well as why they have been incorporated into these regulatory networks.
Resumo:
As a means of benchmarking their position and assisting with anticipating an uncertain future, the identification of critical information systems (IS) management issues frameworks is becoming an increasingly important research task for both academics and industrialists. This paper provides a description and summary of previous work on identifying IS issues frameworks by reviewing 20 research investigations in terms of what they studied and how they were conducted. It also suggests some possible directions and methodologies for future research. The summary and suggestions for further work are applicable for issues framework research in the IS management field as well as in other business and management areas.
Resumo:
Purpose – Threats of extreme events, such as terrorist attacks or infrastructure breakdown, are potentially highly disruptive events for all types of organizations. This paper seeks to take a political perspective to power in strategic decision making and how this influences planning for extreme events. Design/methodology/approach – A sample of 160 informants drawn from 135 organizations, which are part of the critical national infrastructure in the UK, forms the empirical basis of the paper. Most of these organizations had publicly placed business continuity and preparedness as a strategic priority. The paper adopts a qualitative approach, coding data from focus groups. Findings – In nearly all cases there is a pre-existing dominant coalition which keeps business continuity decisions off the strategic agenda. The only exceptions to this are a handful of organizations which provide continuous production, such as some utilities, where disruption to business as usual can be readily quantified. The data reveal structural and decisional elements of the exercise of power. Structurally, the dominant coalition centralizes control by ensuring that only a few functional interests participate in decision making. Research limitations/implications – Decisional elements of power emphasize the dominance of calculative rationality where decisions are primarily made on information and arguments which can be quantified. Finally, the paper notes the recursive aspect of power relations whereby agency and structure are mutually constitutive over time. Organizational structures of control are maintained, despite the involvement of managers charged with organizational preparedness and resilience, who remain outside the dominant coalition. Originality/value – The paper constitutes a first attempt to show how planning for emergencies fits within the strategy-making process and how politically controlled this process is.
Resumo:
This paper examines the effects of New Public Management reforms on the information infrastructure underpinning the work of public service professionals. Focussing on the case of the British National Health Service (NHS), the paper argues that hospital accounting reforms played a significant role in the emergence of standardised models of clinical practice. The paper moreover argues that, under the label “care pathways”, such standardised models of clinical practice became embedded in the information infrastructure of the NHS and concludes by discussing their implications for the work of doctors and hospital accountants.
Resumo:
One of the main challenges of emergency management lies in communicating risks to the public. On some occasions, risk communicators might seek to increase awareness over emerging risks, while on others the aim might be to avoid escalation of public reactions. Social media accounts offer an opportunity to rapidly distribute critical information and in doing so to mitigate the impact of emergencies by influencing public reactions. This article draws on theories of risk and emergency communication in order to consider the impact of Twitter as a tool for communicating risks to the public. We analyse 10,020 Twitter messages posted by the official accounts of UK local government authorities (councils) in the context of two major emergencies: the heavy snow of December 2010 and the riots of August 2011. Twitter was used in a variety of ways to communicate and manage associated risks including messages to provide official updates, encourage protective behaviour, increase awareness and guide public attention to mitigating actions. We discuss the importance of social media as means of increasing confidence in emergency management institutions.
Resumo:
This paper deals with the problematic of development methodologies for organisational information systems and especially with their application to business systems. Historically, information systems development methodologies tend to fail, because either they take the organisational purposefulness for granted, or they do not analyse it thoroughly. This paper's position is that the analysis, and the definition or redefinition of the systemic purpose are regarded as the utmost expression of the system 's purposefulness. This is to be achieved by ensuring the participation of all the stakeholders who affect, or are affected by, a particular business system's operations. The nature of participation, defined as a process of the stakeholders' perceptual exchanges, is deemed to be problematic in itself, due to the influence exerted upon it by organisational power, coercion and false consciousness. The paper highlights the philosophical reasons for the failures of information systems development methodologies, and provides a conceptual solution to this problematic as well as a strategy for the development of intrinsically motivated organisational information systems. The intrinsically motivated information systems methodology outlined here (BSPA) is intended to yield organisational information systems that demonstrably improve co-ordination of organisational activities, by enabling the development and maintenance of a single/multifaceted view of purpose throughout organisations.
Resumo:
Increasingly users are seen as the weak link in the chain, when it comes to the security of corporate information. Should the users of computer systems act in any inappropriate or insecure manner, then they may put their employers in danger of financial losses, information degradation or litigation, and themselves in danger of dismissal or prosecution. This is a particularly important concern for knowledge-intensive organisations, such as universities, as the effective conduct of their core teaching and research activities is becoming ever more reliant on the availability, integrity and accuracy of computer-based information resources. One increasingly important mechanism for reducing the occurrence of inappropriate behaviours, and in so doing, protecting corporate information, is through the formulation and application of a formal ‘acceptable use policy (AUP). Whilst the AUP has attracted some academic interest, it has tended to be prescriptive and overly focussed on the role of the Internet, and there is relatively little empirical material that explicitly addresses the purpose, positioning or content of real acceptable use policies. The broad aim of the study, reported in this paper, is to fill this gap in the literature by critically examining the structure and composition of a sample of authentic policies – taken from the higher education sector – rather than simply making general prescriptions about what they ought to contain. There are two important conclusions to be drawn from this study: (1) the primary role of the AUP appears to be as a mechanism for dealing with unacceptable behaviour, rather than proactively promoting desirable and effective security behaviours, and (2) the wide variation found in the coverage and positioning of the reviewed policies is unlikely to be fostering a coherent approach to security management, across the higher education sector.
Resumo:
Ensuring the security of corporate information, that is increasingly stored, processed and disseminated using information and communications technologies [ICTs], has become an extremely complex and challenging activity. This is a particularly important concern for knowledge-intensive organisations, such as universities, as the effective conduct of their core teaching and research activities is becoming ever more reliant on the availability, integrity and accuracy of computer-based information resources. One increasingly important mechanism for reducing the occurrence of security breaches, and in so doing, protecting corporate information, is through the formulation and application of a formal information security policy (InSPy). Whilst a great deal has now been written about the importance and role of the information security policy, and approaches to its formulation and dissemination, there is relatively little empirical material that explicitly addresses the structure or content of security policies. The broad aim of the study, reported in this paper, is to fill this gap in the literature by critically examining the structure and content of authentic information security policies, rather than simply making general prescriptions about what they ought to contain. Having established the structure and key features of the reviewed policies, the paper critically explores the underlying conceptualisation of information security embedded in the policies. There are two important conclusions to be drawn from this study: (1) the wide diversity of disparate policies and standards in use is unlikely to foster a coherent approach to security management; and (2) the range of specific issues explicitly covered in university policies is surprisingly low, and reflects a highly techno-centric view of information security management.
Resumo:
We determine the critical noise level for decoding low density parity check error correcting codes based on the magnetization enumerator , rather than on the weight enumerator employed in the information theory literature. The interpretation of our method is appealingly simple, and the relation between the different decoding schemes such as typical pairs decoding, MAP, and finite temperature decoding (MPM) becomes clear. In addition, our analysis provides an explanation for the difference in performance between MN and Gallager codes. Our results are more optimistic than those derived via the methods of information theory and are in excellent agreement with recent results from another statistical physics approach.
Resumo:
The development of an information system in Caribbean public sector organisations is usually seen as a matter of installing hardware and software according to a directive from senior management, without much planning. This causes huge investment in procuring hardware and software without improving overall system performance. Increasingly, Caribbean organisations are looking for assurances on information system performance before making investment decisions not only to satisfy the funding agencies, but also to be competitive in this dynamic and global business world. This study demonstrates an information system planning approach using a process-reengineering framework. Firstly, the stakeholders for the business functions are identified along with their relationships and requirements. Secondly, process reengineering is carried out to develop the system requirements. Accordingly, information technology is selected through detailed system requirement analysis. Thirdly, cost-benefit analysis, identification of critical success factors and risk analysis are carried out to strengthen the selection. The entire methodology has been demonstrated through an information system project in the Barbados drug service, a public sector organisation in the Caribbean.
Resumo:
Original Paper European Journal of Information Systems (2001) 10, 135–146; doi:10.1057/palgrave.ejis.3000394 Organisational learning—a critical systems thinking discipline P Panagiotidis1,3 and J S Edwards2,4 1Deloitte and Touche, Athens, Greece 2Aston Business School, Aston University, Aston Triangle, Birmingham, B4 7ET, UK Correspondence: Dr J S Edwards, Aston Business School, Aston University, Aston Triangle, Birmingham, B4 7ET, UK. E-mail: j.s.edwards@aston.ac.uk 3Petros Panagiotidis is Manager responsible for the Process and Systems Integrity Services of Deloitte and Touche in Athens, Greece. He has a BSc in Business Administration and an MSc in Management Information Systems from Western International University, Phoenix, Arizona, USA; an MSc in Business Systems Analysis and Design from City University, London, UK; and a PhD degree from Aston University, Birmingham, UK. His doctorate was in Business Systems Analysis and Design. His principal interests now are in the ERP/DSS field, where he serves as project leader and project risk managment leader in the implementation of SAP and JD Edwards/Cognos in various major clients in the telecommunications and manufacturing sectors. In addition, he is responsible for the development and application of knowledge management systems and activity-based costing systems. 4John S Edwards is Senior Lecturer in Operational Research and Systems at Aston Business School, Birmingham, UK. He holds MA and PhD degrees (in mathematics and operational research respectively) from Cambridge University. His principal research interests are in knowledge management and decision support, especially methods and processes for system development. He has written more than 30 research papers on these topics, and two books, Building Knowledge-based Systems and Decision Making with Computers, both published by Pitman. Current research work includes the effect of scale of operations on knowledge management, interfacing expert systems with simulation models, process modelling in law and legal services, and a study of the use of artifical intelligence techniques in management accounting. Top of pageAbstract This paper deals with the application of critical systems thinking in the domain of organisational learning and knowledge management. Its viewpoint is that deep organisational learning only takes place when the business systems' stakeholders reflect on their actions and thus inquire about their purpose(s) in relation to the business system and the other stakeholders they perceive to exist. This is done by reflecting both on the sources of motivation and/or deception that are contained in their purpose, and also on the sources of collective motivation and/or deception that are contained in the business system's purpose. The development of an organisational information system that captures, manages and institutionalises meaningful information—a knowledge management system—cannot be separated from organisational learning practices, since it should be the result of these very practices. Although Senge's five disciplines provide a useful starting-point in looking at organisational learning, we argue for a critical systems approach, instead of an uncritical Systems Dynamics one that concentrates only on the organisational learning practices. We proceed to outline a methodology called Business Systems Purpose Analysis (BSPA) that offers a participatory structure for team and organisational learning, upon which the stakeholders can take legitimate action that is based on the force of the better argument. In addition, the organisational learning process in BSPA leads to the development of an intrinsically motivated information organisational system that allows for the institutionalisation of the learning process itself in the form of an organisational knowledge management system. This could be a specific application, or something as wide-ranging as an Enterprise Resource Planning (ERP) implementation. Examples of the use of BSPA in two ERP implementations are presented.
Resumo:
The role of information in high-technology markets is critical (Dutta, Narasimhan and Rajiv 1999; Farrell and Saloner 1986; Weiss and Heide 1993). In these markets, the volatility and volume of information present managers and researchers with the considerable challenge of monitoring such information and examining how potential customers may respond to it. This article examines the effects of the type and volume of information on the market share of different technological standards in the Local Area Networks (LAN) industry. We identify three different types of information: technological, availability and adoption. Our empirical application suggests that all three types of information have significant effects on the market share of a technological standard, but their direction and magnitude differ. More specifically, technology-related information is negatively related to market share as it demonstrates that the underlying technology is immature and still evolving. Both availability and adoption-related information have a positive effect on market share, but the former is larger than the latter. We conclude that high-tech firms should emphasize the dissemination of information, especially availability-related, as part of their promotional strategy for a new technology. Otherwise, they may risk missing an opportunity to achieve a higher share and establish their market presence.
Resumo:
This article qualitatively analyzes the Critical Success Factors (CSFs) for Information Systems (IS) executive careers based on evidence gathered from five case studies carried out in 1997. Typical IS executive career paths are presented within a time series style and the CSFs are interpreted within a descriptive framework by synthesising the case data based on Social Cognitive Theory. The descriptive framework suggests that successful IS executive careers would most likely be achieved by well educated and experienced IS employees who have the right attitude towards both their career and work, together with good performance. They would also exhibit an ability for self-learning and to anticipate future IT uses, as well as having proficient IS management knowledge and skills while working with an appropriate organizational environment. Moreover, the framework systematically indicates the interactions between the coupling factors in the typical career development processes. This provides a benchmark for employees that are aiming at a senior IS executive career against which they can compare their own achievements and aspirations. It also raises propositions for further research on theory building.
Resumo:
Using panel data for 41 developed and developing countries over the period 1998-2004, this paper examines the links between ICT diffusion and human development. We conducted a panel regression analysis of the investments in healthcare, education and information and communication technology (ICT) against human development index (HDI). The results show that these variables can be used to predict HDI scores. In agreement with findings of previous research, it is clear from our analysis that the central focus on ICT as a solution for development will not bring the results that the promoters of ICT as an ‘engine of growth’ are expecting. It is unwise to disaggregate the issues of education and healthcare infrastructure from ICT infrastructure development. ICT policies should be integrated with other national policies in order to find a holistic and structural solution to development.
