Factors influencing the implementation of information systems security strategies in organisations

Many organizations still rely on deterrence to control insider threats and on purely preventive strategies to control outsider threats. Such a simple approach to organizational information security is no longer viable given the increasing operational sophistication of current security threat agents and the complexity of information technology infrastructure. Effective implementation of security requires organizations to select a combination of strategies that work in tandem and best suits their security situation. This paper addresses the identification and classification of factors that influence implementation of security strategies in organizations. In this paper, we develop a preliminary architecture that aims to assist organizations in deciding how strategies can be designed to complement each other to improve the cost-effectiveness of security.

The implementation of mobile technology in organizations : expanding individual use contexts

Mobile computing devices such as personal digital assistants, smart mobile phones, and other handheld computing devices hold much promise in terms of their organizational application. Many existing models of the individual acceptance and implementation of information technology in organizational contexts have been developed in the era of “at the office” computing such as MIS, office automation, groupware, and so forth. We conducted two in-depth case studies of the implementation of mobile technology in healthcare organizations. The studies highlight interrelated individual use contexts due to the mobility of the technology: the individual as employee, as professional, as private user, and as member of society. The cases show that influences emanating from these use contexts impacted on the individual adoption of the technology within the organization. While broad extra-organizational influences are incorporated in some existing individual technology adoption models, we show that it becomes relevant to accommodate these influences more specifically in research models of mobile computing in organizations. Based on the extant literature and the case study data we pave the way toward more comprehensive models of the adoption and implementation of mobile technologies in organizations.

Information technology competencies for Malaysian accountants – an academic's perspective

An increase in the pace of technological change has revolutionised the way accountants perform their jobs. In response to this challenge, the identification of a new comprehensive set of information technology competencies combined with information technology skills and other skills (namely, soft skills) are necessary. This study uses mixed methods to identify which information technology skills and competencies are required for accountants from the perspective of academics in Malaysia. Findings indicate that spreadsheets, word processing and accounting software were ranked as much-needed skills to be acquired by accountants while communication skills were ranked as the most required skills, and delegation skills as the least required. Although academics have an important role to determine accountants’ information technology skills and competencies, they are still unfamiliar with the exact soft skills that should be blended in utilising information technology.

Creative geeks? Investigating creativity support systems for information technology students

This study investigated creativity and what factors can be conducive to a creative educational milieu. The results of this study highlighted the diverse nature of creativity, and substantiated the need for an audience specific ‘Creativity Support System’. An outcome was a model of creative needs specific for an educational setting

Do private equity and venture capital backed firms have better corporate governance after going public?

Mercados financeiros e finanças corporativas

Information technology outsourcing in financial services

Regulatory pressures and strong competitiveness, as well as the need to control costs and remain up to date with information technologies have turned outsourcing into a basic tool at the disposal of financial entities. Our paper has as its aim to show the peculiarities of information technology outsourcing in the financial services industry, additionally suggesting a decision framework which can help firms minimise risks.

Gaining social values of wireless technology:an interpretive case study in the healthcare institutional context

The existing literature has given little consideration to social values of information technology in general or of wireless technology in particular. The purpose of this paper is thus to shed new light on this issue. Based on an interpretive case study, we examine two healthcare organisations and discover that social values are often manifested beyond, as well as within, organisations. A matrix of social values in relation to technology changes and their interactions with various stakeholders is further discussed. The matrix helps understand how various social values emerge from and revolve around organisations’ strategic management of information technology. The implications of the findings about social values are discussed and future research directions are suggested.

Project Proposals Development – Entrepreneurship and Reflection in Teaching Information Technology

This work presents a model for development of project proposals by students as an approach to teaching information technology while promoting entrepreneurship and reflection. In teams of 3 to 5 participants, students elaborate a project proposal on a topic they have negotiated with each other and with the teacher. The project domain is related to the practical application of state-of-theart information technology in areas of substantial public interest or of immediate interest to the participants. This gives them ample opportunities for reflection not only on technical but also on social, economic, environmental and other dimensions of information technology. This approach has long been used with students of different years and programs of study at the Faculty of Mathematics and Informatics, Plovdiv University “Paisiy Hilendarski”. It has been found to develop all eight key competences for lifelong learning set forth in the Reference Framework and procedural skills required in real life.

State control and corporate governance in transition economies:25 years on from 1989

Research Question/Issue - Which forms of state control over corporations have emerged in countries that made a transition from centrally-planned to marked-based economies and what are their implications for corporate governance? We assess the literature on variation and evolution of state control in transition economies, focusing on corporate governance of state-controlled firms. We highlight emerging trends and identify future research avenues. Research Findings/Insights - Based on our analysis of more than 100 articles in leading management, finance, and economics journals since 1989, we demonstrate how research on state control evolved from a polarized approach of public–private equity ownership comparison to studying a variety of constellations of state capitalism. Theoretical/Academic Implications - We identify theoretical perspectives that help us better understand benefits and costs associated with various forms of state control over firms. We encourage future studies to examine how context-specific factors determine the effect of state control on corporate governance. Practitioner/Policy Implications - Investors and policymakers should consider under which conditions investing in state-affiliated firms generates superior returns.

Fatores que influenciam a predisposição dos usuários em aderir a uma política de segurança da informação

The information constitutes one of the most valuable strategic assets for the organization. However, the organizational environment in which it is inserted is very complex and heterogeneous, making emerging issues relevant to the Governance of information technology (IT) and Information Security. Academic Studies and market surveys indicate that the origin of most accidents with the information assets is the behavior of people organization itself rather than external attacks. Taking as a basis the promotion of a culture of safety among users and ensuring the protection of information in their properties of confidentiality, integrity and availability, organizations must establish its Information Security Policy (PSI). This policy is to formalise the guidelines in relation to the security of corporate information resources, in order to avoid that the asset vulnerabilities are exploited by threats and can bring negative consequences to the business. But, for the PSI being effective, it is required that the user have readiness to accept and follow the procedures and safety standards. In the light of this context, the present study aims to investigate what are the motivators extrinsic and intrinsic that affect the willingness of the user to be in accordance with the organization's security policies. The theoretical framework addresses issues related to IT Governance, Information Security, Theory of deterrence, Motivation and Behavior Pro-social. It was created a theoretical model based on the studies of Herath and Rao (2009) and D'Arcy, Hovav and Galletta (2009) that are based on General Deterrence Theory and propose the following influencing factors in compliance with the Policy: Severity of Punishment, Certainty of Detection, Peer Behaviour, Normative Beliefs, Perceived Effectiveness and Moral Commitment. The research used a quantitative approach, descriptive. The data were collected through a questionnaire with 18 variables with a Likert scale of five points representing the influencing factors proposed by the theory. The sample was composed of 391 students entering the courses from the Center for Applied Social Sciences of the Universidade Federal do Rio Grande do Norte. For the data analysis, were adopted the techniques of Exploratory Factor Analysis, Analysis of Cluster hierarchical and nonhierarchical, Logistic Regression and Multiple Linear Regression. As main results, it is noteworthy that the factor severity of punishment is what contributes the most to the theoretical model and also influences the division of the sample between users more predisposed and less prone. As practical implication, the research model applied allows organizations to provide users less prone and, with them, to carry out actions of awareness and training directed and write Security Policies more effective.

The social values of wireless technology in the institutional context

Despite growing attention, social values, compared to economic aspects, of information technology (IT) capture substantially less attention in the mainstream IT literature. In the context of mobile technology, social values might be as critical to help justify technology investment as the predominant economics perspective in the existing IT literature. As wireless networks and relevant mobile technologies continue to penetrate the global society and business world, an emerging social phenomenon rapidly reshapes how organizations interact with the technology and reposition themselves in their specific institutional context where organizations often develop networked alliance to compete against one another. This study thus seeks to shed light on how organizations make sense of the social aspects of wireless network implementation. Preliminary understanding derived from two higher education organizations' experiences is summarized. Implications for future research endeavor are suggested.

Muito além da tecnologia : o impacto dos mecanismos não operacionais na efetividade da governança de TI na administração pública

Dissertação (mestrado)—Universidade de Brasília, Faculdade de Economia, Administração e Contabilidade, Programa de Pós-Graduação em Administração, 2016.

Enterprise systems curricula for Asia-Pacific region : a vision for 2020

Enterprise Systems (ES) have emerged as possibly the most important and challenging development in the corporate use of information technology in the last decade. Organizations have invested heavily in these large, integrated application software suites expecting improvments in; business processes, management of expenditure, customer service, and more generally, competitiveness, improved access to better information/knowledge (i.e., business intelligence and analytics). Forrester survey data consistently shows that investment in ES and enterprise applications in general remains the top IT spending priority, with the ES market estimated at $38 billion and predicted to grow at a steady rate of 6.9%, reaching $50 billion by 2012 (Wang & Hamerman, 2008). Yet, organizations have failed to realize all the anticipated benefits. One of the key reasons is the inability of employees to properly utilize the capabilities of the enterprise systems to complete the work and extract information critical to decision making. In response, universities (tertiary institutes) have developed academic programs aimed at addressing the skill gaps. In parallel with the proliferation of ES, there has been growing recognition of the importance of Teaching Enterprise Systems at tertiary education institutes. Many academic papers have discused the important role of Enterprise System curricula at tertiary education institutes (Ask, 2008; Hawking, 2004; Stewart, 2001), where the teaching philosophises, teaching approaches and challenges in Enterprise Systems education were discussed. Following the global trends, tertiary institutes in the Pacific-Asian region commenced introducing Enterprise System curricula in late 1990s with a range of subjects (a subject represents a single unit, rather than a collection of units; which we refer to as a course) in faculties / schools / departments of Information Technology, Business and in some cases in Engineering. Many tertiary educations commenced their initial subject offers around four salient concepts of Enterprise Systems: (1) Enterprise Systems implementations, (2) Introductions to core modules of Enterprise Systems, (3) Application customization using a programming language (e.g. ABAP) and (4) Systems Administration. While universities have come a long way in developing curricula in the enterprise system area, many obstacles remain: high cost of technology, qualified faculty to teach, lack of teaching materials, etc.

Práticas de governança de tecnologia da informação: um estudo de caso em empresas de telecomunicações do Rio Grande do Norte

This study aims to understand the general model of governance of information technology adopted by telecommunication companies operating in Rio Grande do Norte. The research methodology used involved a theoretical and empirical approach prepared, involving two case studies on companies in the telecommunications industry working in the state of Rio Grande do Norte. The study covered the area of IT organizations, through interviews with managers responsible for the area of Telecommunications / IT. To study in accordance with the approach and address the problem of research, this study was based on qualitative criteria, which enabled the understanding of how companies adopt the governance of information technology. In conclusion, it was found that the governance practices of information technology employees are incipient, but that meet the needs of business and that they intend to implement in specific areas and use other practices of IT governance