Search results

1 – 10 of 317
To view the access options for this content please click here
Article
Publication date: 24 September 2019

Arno Nuijten, Mark Keil, Gerrit Sarens and Mark van Twist

Information system projects often go awry and when they do internal auditors are often in a position to bring the problems to management’s attention. However, managers are…

Abstract

Purpose

Information system projects often go awry and when they do internal auditors are often in a position to bring the problems to management’s attention. However, managers are not always receptive to risk warnings, even when internal auditors who are role prescribed to carry out this function deliver such warnings. This phenomenon is known as the deaf effect. This paper aims to examine the actions that internal auditors take to resolve the deaf effect and how these actions affect the auditor–manager relationship.

Design/methodology/approach

Based on a multiple case study approach, the authors conducted in-depth interviews with auditors and examined ten cases of the deaf effect from the auditor’s perspective.

Findings

The findings revealed three categories of actions that auditors took in response to the deaf effect and how these actions immediately affected the auditor–manager relationship. Further, by analyzing the subsequent sequence of actions taken by the auditor in each case, the authors identified three distinct patterns that capture the dynamics of the auditor–manager relationship over time until the deaf effect was, ultimately, resolved.

Originality/value

Several practitioner studies have shown that internal auditors and managers struggle to build effective relationships, even under the most favorable circumstances and the authors suggest that deaf effect situations are likely to pose an even greater challenge to the auditor–manager relationship. The study contributes to the discourse on internal audit effectiveness in several ways. First, the authors identified three categories of actions that internal auditors took in response to the deaf effect. The authors found that two of these categories of action are related to the two distinct roles that internal auditors can play (inspector or consultant). Second, the authors examined how these categories of actions played out over time, influencing the auditor–manager relationship dynamics.

Details

Managerial Auditing Journal, vol. 34 no. 9
Type: Research Article
ISSN: 0268-6902

Keywords

To view the access options for this content please click here
Article
Publication date: 1 June 2004

Magnus Mähring, Jonny Holmström, Mark Keil and Ramiro Montealegre

This study investigates the potential of actor‐network theory (ANT) for theory development on information technology project escalation, a pervasive problem in…

Abstract

This study investigates the potential of actor‐network theory (ANT) for theory development on information technology project escalation, a pervasive problem in contemporary organizations. In so doing, the study aims to contribute to the current dialogue on the potential of ANT in the information systems field. While escalation theory has been used to study “runaway” IT projects, two distinct limitations suggest a potential of using ANT: First, there is a need for research that builds process theory on escalation of IT projects. Second, the role of technology as an important factor (or actor) in the shaping of escalation has not been examined. This paper examines a well‐known case study of an IT project disaster, the computerized baggage handling system at Denver International Airport, using both escalation theory and ANT. A theory‐comparative analysis then shows how each analysis contributes differently to our knowledge about dysfunctional IT projects and how the differences between the analyses mirror characteristics of the two theories. ANT is found to offer a fruitful theoretical addition to escalation research and several conceptual extensions of ANT in the context of IT project escalation are proposed: embedded actor‐networks, host actor‐networks, swift translation and Trojan actor‐networks.

Details

Information Technology & People, vol. 17 no. 2
Type: Research Article
ISSN: 0959-3845

Keywords

To view the access options for this content please click here
Article
Publication date: 1 December 1997

Richard A. Huff, Mark Keil, Leon Kappelman and Victor Prybutok

Risk is an inherent component of business transactions. Today's flattened business organisations are forcing strategic, risk‐related decisions farther down the…

Abstract

Risk is an inherent component of business transactions. Today's flattened business organisations are forcing strategic, risk‐related decisions farther down the organisational hierarchy (Richards et.al., 1996). Therefore, every business decision maker has to become proficient at factoring risk into the decision‐making process. How the risk level of the transaction affects the decision maker and the eventual decision is a function of that person's risk propensity. For senior managers in those flattened organisations facing the necessity of having less‐senior individuals making strategic decisions, the attitudes of those individuals toward risk is extremely important.

Details

Management Research News, vol. 20 no. 12
Type: Research Article
ISSN: 0140-9174

To view the access options for this content please click here
Article
Publication date: 26 March 2021

Silvana Costantini, Jon G. Hall and Lucia Rapanotti

The paper aims to provide methodological support for hybrid project management, in which the discipline of predictive methodologies combines with the flexibility of…

Abstract

Purpose

The paper aims to provide methodological support for hybrid project management, in which the discipline of predictive methodologies combines with the flexibility of adaptive ones. Specifically, the paper explores the extent complexity and volatility dimensions of organisational problems inform choices of PM methodologies both theoretically and in current practice, as a first step towards better methodological support for hybridisation.

Design/methodology/approach

The paper takes a mixed method approach, including both secondary research and primary research with practitioners. Primary research consists of a small scale survey (n = 31) followed by semi-structured interviews, with findings triangulated against secondary evidence.

Findings

The paper provides empirical insights on how complexity and volatility of organisational problems can inform hybrid project management practices. Specifically, it suggests a mapping between volatility and complexity dimensions and predictive and adaptive risk controls as a first step towards the systematisation of hybrid combinations in projects.

Research limitations/implications

Due to the small participant sample, the research results may lack generalisability.

Practical implications

The paper includes implications for the development of methodological support for setting up hybrid projects in practice.

Originality/value

The paper addresses a gap acknowledged both in the literature and by practitioners.

Details

International Journal of Managing Projects in Business, vol. 14 no. 5
Type: Research Article
ISSN: 1753-8378

Keywords

To view the access options for this content please click here
Article
Publication date: 1 June 2004

Ole Hanseth, Margunn Aanestad and Marc Berg

In this editorial introduction Allen Lee's definition of the information systems (IS) field is taken as the starting point: “Research in the information systems field…

Abstract

In this editorial introduction Allen Lee's definition of the information systems (IS) field is taken as the starting point: “Research in the information systems field examines more than just the technological system, or just the social system, or even the two systems side by side; in addition, it investigates the phenomena that emerge when the two interact” (Lee, A. “Editorial”, MISQ, Vol. 25, No. 1, 2001, p. iii). By emphasizing the last part of this, it is argued that actor‐network theory (ANT) can provide IS research with unique and very powerful tools to help us overcome the current poor understanding of the information technology (IT) artifact (Orlikowski, W. and Iacono, S., “Research commentary: desperately seeking the ‘IT’ in IT research – a call for theorizing the IT artifact”, Information Systems Research, Vol. 10 No. 2, 2001, pp. 121‐34). These tools include a broad range of concepts describing the interwoven relationships between the social.

Details

Information Technology & People, vol. 17 no. 2
Type: Research Article
ISSN: 0959-3845

Keywords

To view the access options for this content please click here
Article
Publication date: 5 March 2018

Baidyanath Biswas and Arunabha Mukhopadhyay

Malicious attackers frequently breach information systems by exploiting disclosed software vulnerabilities. Knowledge of these vulnerabilities over time is essential to…

Abstract

Purpose

Malicious attackers frequently breach information systems by exploiting disclosed software vulnerabilities. Knowledge of these vulnerabilities over time is essential to decide the use of software products by organisations. The purpose of this paper is to propose a novel G-RAM framework for business organisations to assess and mitigate risks arising out of software vulnerabilities.

Design/methodology/approach

The G-RAM risk assessment module uses GARCH to model vulnerability growth. Using 16-year data across 1999-2016 from the National Vulnerability Database, the authors estimate the model parameters and validate the prediction accuracy. Next, the G-RAM risk mitigation module designs optimal software portfolio using Markowitz’s mean-variance optimisation for a given IT budget and preference.

Findings

Based on an empirical analysis, this study establishes that vulnerability follows a non-linear, time-dependent, heteroskedastic growth pattern. Further, efficient software combinations are proposed that optimise correlated risk. The study also reports the empirical evidence of a shift in efficient frontier of software configurations with time.

Research limitations/implications

Existing assumption of independent and identically distributed residuals after vulnerability function fitting is incorrect. This study applies GARCH technique to measure volatility clustering and mean reversal. The risk (or volatility) represented by the instantaneous variance is dependent on the immediately previous one, as well as on the unconditional variance of the entire vulnerability growth process.

Practical implications

The volatility-based estimation of vulnerability growth is a risk assessment mechanism. Next, the portfolio analysis acts as a risk mitigation activity. Results from this study can decide patch management cycle needed for each software – individual or group patching. G-RAM also ranks them into a 2×2 risk-return matrix to ensure that the correlated risk is diversified. Finally the paper helps the business firms to decide what to purchase and what to avoid.

Originality/value

Contrary to the existing techniques which either analyse with statistical distributions or linear econometric methods, this study establishes that vulnerability growth follows a non-linear, time-dependent, heteroskedastic pattern. The paper also links software risk assessment to IT governance and strategic business objectives. To the authors’ knowledge, this is the first study in IT security to examine and forecast volatility, and further design risk-optimal software portfolios.

Details

Journal of Enterprise Information Management, vol. 31 no. 2
Type: Research Article
ISSN: 1741-0398

Keywords

To view the access options for this content please click here
Article
Publication date: 3 April 2018

Anjali Shishodia, Vijaya Dixit and Priyanka Verma

The purpose of this paper is to analyze risk profiles of projects based on project characteristics and provide key managerial insights.

Abstract

Purpose

The purpose of this paper is to analyze risk profiles of projects based on project characteristics and provide key managerial insights.

Design/methodology/approach

A total of 37 project cases from engineering and construction (E&C), information system/technology (IS/IT), and new product development (NPD) sectors with detailed information on project characteristics and risks were identified from published literature. An integrated framework was developed to analyze the prominent risk categories associated with novelty, technology, complexity, and pace (NTCP) project characteristics.

Findings

Within-sector analysis revealed that schedule, resource, and scope risks are the most prominent risk categories in E&C, IS/IT, and NPD projects, respectively. Similarly, interesting key insights have been drawn from detailed cross-sector analysis, depicting different risk categories based on NTCP project characteristics.

Research limitations/implications

The findings are based on the case studies adopted from the literature that provides details of project characteristics and risk profiles.

Practical implications

Depending upon the risks associated with different project characteristics, an integrated framework developed in the study can be used for the development of highly authentic risk management plans at the onset.

Originality/value

This is one of the earliest studies to provide an integrated risk framework for projects based on their NTCP characteristics. The two contrasting perspectives of within-sector and cross-sector analyses were adopted. Overall, the study will enhance the future preparedness toward risks.

To view the access options for this content please click here
Article
Publication date: 6 August 2018

Sachin Kumar Mangla, Sunil Luthra, Suresh Kumar Jakhar, Mohit Tyagi and Balkrishna Eknath Narkhede

From last few decades, logistics management (LM) constitutes a global concern among organization’s supply chain (SC) to improve their business effectiveness. The purpose…

Abstract

Purpose

From last few decades, logistics management (LM) constitutes a global concern among organization’s supply chain (SC) to improve their business effectiveness. The purpose of this paper is to uncover and analyze the critical factors (CFs) related to the implementation of effective LM concept and benchmark the SC performance.

Design/methodology/approach

The most common (16) CFs were identified and selected through literature and use of the Delphi method. Subsequently, the selected most common CFs were analyzed to distinguish their causal relations using the fuzzy Decision Making Trial and Evaluation Laboratory (DEMATEL) technique under unclear surroundings. A case example of Indian Logistics Company is also discussed to reveal the practical applicability of the research.

Findings

Provision of the effective information communication and technological developments in the system and Management dedication, support and involvement CFs are found to have the top most influences in the effective implementation of LM. This paper also groups the CFs into cause and effect relationship which provides valuable insights for analyzing the factors in successful implementation of LM.

Practical implications

This work attempts to understand the different CFs, their relative position and the importance rating in the system, due to which, managers can differentiate the factor which greatly affects the concepts of implementing LM, and thus, improvements can be made accordingly.

Originality/value

First, this work offers 16 CFs to LM implementation from a SC scenario. Second, in the context of contributing to the theory, the combined Delphi and fuzzy DEMATEL-based model is provided that helps in managing the logistic related issues effectively.

Details

Benchmarking: An International Journal, vol. 25 no. 6
Type: Research Article
ISSN: 1463-5771

Keywords

To view the access options for this content please click here
Article
Publication date: 1 October 2005

Jane C. Linder

Evaluating the potential payoff of an individual project in a portfolio, especially an innovative product development initiative, is a chronic problem with no satisfying

Abstract

Purpose

Evaluating the potential payoff of an individual project in a portfolio, especially an innovative product development initiative, is a chronic problem with no satisfying solution. Because the commonly used tools to measure such opportunities provide limited insights, executives need better decision support technology.

Design/methodology/approach

Executives making difficult portfolio funding decisions must answer such questions as which of their projects seem to be most promising, whether they should act now or bide their time, and how much they should pay to stay in the game.

Findings

Executives can use the visible options approach to manage initiatives by taking the following steps: review the composition of the project portfolio; crosscheck the announced initiatives with the company's future value; don't leave upside‐intensive initiatives on the back burner; and use failure‐avoiding management to limit downside risk.

Research limitations/implications

The visual options method has yet to be extensively field‐tested and researchers need to collect feedback from early adopters.

Practical implications

Using visual options techniques, executives can scan a set of initiatives and quickly spot projects inspired by opportunities and those developed in response to threats; the projects with big potential future outcomes and those that have only modest prospects. They can now see urgent opportunities with windows that are closing rapidly as well as the proximate threats that are often easier to recognize.

Originality/value

First full description of the visible options technique. A visible options tool that displays the potential benefits of projects more graphically and gives a more complete picture of possible results over time could help managers make more effective decisions.

Details

Strategy & Leadership, vol. 33 no. 5
Type: Research Article
ISSN: 1087-8572

Keywords

To view the access options for this content please click here
Article
Publication date: 7 November 2016

Yao Zhang and Fei Zuo

The purpose of this paper is to propose a method to address the problem of selecting risk response actions (RRAs) considering the risk dependency that is seldom considered…

Abstract

Purpose

The purpose of this paper is to propose a method to address the problem of selecting risk response actions (RRAs) considering the risk dependency that is seldom considered in the existing studies.

Design/methodology/approach

First, a method based on the Measuring Attractiveness by a Categorical-Based Evaluation Technique (MACBETH) is proposed to measure the dependencies between the risks, and then a preference coefficient denoting the relative importance of the risk dependency is introduced. Besides, an exponential utility function is used to describe the project manager’s (PM) risk-averse behaviour. Finally, a mathematical model that incorporates the risk dependency and risk preference of the PM is constructed for selecting the RRAs.

Findings

Risk dependency plays an important role in the process of RRA selection. First, more expected utility can be obtained when the risk dependency is considered. Second, more attention should be paid to the risk dependency for coping with critical risks when the budget is tight.

Practical implications

This method can be applied to determine the RRAs when the risk dependency exists between the project risks.

Originality/value

This paper proposes a model to select RRAs with consideration of the risk dependency, which is an important issue from a theoretical as well as a practical perspective in project risk management.

Details

Kybernetes, vol. 45 no. 10
Type: Research Article
ISSN: 0368-492X

Keywords

1 – 10 of 317