Goal Setting and Trust in a Security Management Context

ABSTRACT

Information security can be viewed as the efficient control of uncertainty arising from malicious acts intended to exploit valuable assets and in the context of information systems the valuable assets under consideration are data. A large part of information security approaches is technical in nature with less consideration on people and organizational issues. The research presented in this paper adopts a broader perspective and presents an understanding of information security in terms of a socio-organizational perspective. In doing so, it uses the goal-setting approach to identify any possible weaknesses in security management procedures in relation to trust among the members of information technology groups in communicating efficiently security risk messages. Data for the research were collected through in-depth interviews within three case studies. Interview results suggest that goal setting and trust are interrelated in managing information security. The research contributes to interpretive information systems with the study of goal setting and trust in a security management context.     

Threats and countermeasures for information system security: A cross-industry study

IS security threats have increased significantly in recent years. We identified the gaps between manager perceptions of IS security threats and the security countermeasures adopted by firms by collecting empirical data from 109 Taiwanese enterprises. Industry type and organizational use of IT were seen as the two factors that affected the motivation of firms to adopt security countermeasures, but their implementation did not necessarily affect the threat perceptions of the managers. Analyses of responses suggested that the scope of the countermeasures adopted were not commensurate with the severity of the perceived threats. Among the threats, networks were rated as contributing the most severe threat and yet had the lowest level of protection, this was followed by threats due to personnel and administrative issues. We therefore addressed threat mitigation strategies, specifically in terms of the differences between industries.     

On the nationality balance of authors and references in selected MIS journals

Citation analysis is an established technique in literature analysis. It can be used to reveal citation patterns and thus results stemming from the analysis, including co-citation patterns and groupings of researchers, even reveal paradigmatic schools within a certain field. In this article, twelve major MIS journals — six European and six American — are studied to find out whether there are any differences in author selection and referencing patterns. It was discovered that the American MIS community is much more self-sustaining than the European one, which relies heavily on work by American authors. This points either to the superiority of the American MIS community, or the under-appreciation of foreign research, or possibly both. On the European side, the result might be interpreted as a sign of low-quality research, lack of self-esteem and pride, or again both. Clear differences between the editorial policy of the journals can be discerned: some journals accept the American hegemony; some try to maintain a balance between contributions from different countries; and some favour European research.     

A profile of information systems research published in Information & Management

Information & Management (I&M) has been consistently regarded as one of the top academic journals in information systems (IS). In a spirit of introspection, this article profiles research published in I&M: we identified the most productive authors and universities associated with most research publications in I&M during the past 13 years (1992–2005). Based on a more detailed analysis of publications during the past 7 years, we determined the subject areas most often investigated and the research methodologies most often employed. Finally, we identified best practices by way of reporting the topics and methodologies used by the highly published authors. Our results indicate that while IS research is clearly dominated by US based universities, international researchers are beginning to make inroads. Furthermore, while the survey methodology is still dominant, interest in utilizing other methodologies is on the rise. Our findings should have implications for researchers, journal editors, universities, and research institutions.     

An empirical investigation of the relationship of IS strategy with firm performance

Given the important impact that an IS strategy has on the potential value IS brings to an organization, we develop and test a model of IS Strategy and Firm Performance. Our survey-based study provides strong evidence that firms with defined IS strategies (either IS Innovator or IS Conservative) perform better than those without defined IS strategies. Organizations without a clearly defined IS strategy actually experienced a negative relationship with firm performance. These organizations should realize the potentially negative outcomes of such a lack of strategy and work to extricate themselves before a consistent pattern of investing in IS without clear organizational benefit develops. Furthermore, the study suggests that the IS Innovator strategy is, in particular, associated with more superior firm performance than the IS Conservative strategy under conditions of environmental dynamism. Organizational leaders need to consider the external environments under which their organizations are operating and evaluate the influence those environments may have on their IS strategy’s ability to impact performance. Post hoc analysis results also reveal a fourth potential IS strategy, one that strives for ambidexterity. Ambidextrous firms were found to be associated with the most superior performance, leading to a potential extension of the existing IS strategy typology and a call for future research.     

Investigating the effects of IS strategic leadership on organizational benefits from the perspective of CIO strategic roles

In this study, the effects of IS strategic leadership on organizational outcomes are examined from the perspective of CIO strategic roles. A field survey is conducted that collects data from 110 matched pairs of CIOs and business executives within organizations. Our findings suggest that strategic leadership significantly affects both organizational benefits and information system quality. Further, we found that IS quality significantly mediates the relationship between IS strategic leadership and organizational benefits. We also note that IS vision significantly moderates the relationship between IS strategic leadership and IS quality, although it does not moderate the relationship between IS strategic leadership and organizational benefits or the relationship between IS quality and organizational benefits.     

A meta-analytic assessment of the DeLone and McLean IS success model: An examination of IS success at the individual level

Fifteen years ago, DeLone and McLean published their original model of IS success, which received considerable attention in the literature. Given the widespread acceptance of the model, we conducted a meta-analysis to determine whether the model had been validated by research studies reported in the literature. By aggregating the results of 52 empirical studies that examined relationships within the IS success model at the individual level of analysis, we found support for the relationships that encompass the model. We also offer insights on IS success based on the findings of our work.