Search results

This paper aims to investigate how congruent keywords are used in information security policies (ISPs) to pinpoint and guide clear actionable advice and suggest a metric for measuring the quality of keyword use in ISPs.

A qualitative content analysis of 15 ISPs from public agencies in Sweden was conducted with the aid of Orange Data Mining Software. The authors extracted 890 sentences from these ISPs that included one or more of the analyzed keywords. These sentences were analyzed using the new metric – keyword loss of specificity – to assess to what extent the selected keywords were used for pinpointing and guiding actionable advice. Thus, the authors classified the extracted sentences as either actionable advice or other information, depending on the type of information conveyed.

The results show a significant keyword loss of specificity in relation to pieces of actionable advice in ISPs provided by Swedish public agencies. About two-thirds of the sentences in which the analyzed keywords were used focused on information other than actionable advice. Such dual use of keywords reduces the possibility of pinpointing and communicating clear, actionable advice.

The suggested metric provides a means to assess the quality of how keywords are used in ISPs for different purposes. The results show that more research is needed on how keywords are used in ISPs.

The authors recommended that ISP designers exercise caution when using keywords in ISPs and maintain coherency in their use of keywords. ISP designers can use the suggested metrics to assess the quality of actionable advice in their ISPs.

The keyword loss of specificity metric adds to the few quantitative metrics available to assess ISP quality. To the best of the authors’ knowledge, applying this metric is a first attempt to measure the quality of actionable advice in ISPs.

The purpose of this paper is to survey existing information security policy (ISP) management research to scrutinise the extent to which manual and computerised support has been suggested, and the way in which the suggested support has been brought about.

The results are based on a literature review of ISP management research published between 1990 and 2017.

Existing research has focused mostly on manual support for managing ISPs. Very few papers have considered computerised support. The entire complexity of the ISP management process has received little attention. Existing research has not focused much on the interaction between the different ISP management phases. Few research methods have been used extensively and intervention-oriented research is rare.

Future research should to a larger extent address the interaction between the ISP management phases, apply more intervention research to develop computerised support for ISP management, investigate to what extent computerised support can enhance integration of ISP management phases and reduce the complexity of such a management process.

The limited focus on computerised support for ISP management affects the kind of advice and artefacts the research community can offer to practitioners.

Today, there are no literature reviews on to what extent computerised support the ISP management process. Findings on how the complexity of ISP management has been addressed and the research methods used extend beyond the existing knowledge base, allowing for a critical discussion of existing research and future research needs.

Twenty-first century online retailing has reshaped the retail landscape. Grocery shopping is emerging as the next fastest growing category in online retailing in the UK, having implications for the channels we use to purchase goods. Using Sainsbury’s data, the authors create a bespoke set of grocery click&collect catchments. The resultant catchments allow an investigation of performance within the emerging channel of grocery click&collect. The paper aims to discuss these issues.

The spatial interaction method of “Huff gravity modeling” is applied in a semi-automated approach, used to calculate grocery click&collect catchments for 95 Sainsbury’s stores in England. The catchments allow investigation of the spatial variation and particularly rural-urban differences. Store and catchment characteristics are extracted and explored using ordinary least squares regression applied to investigate “demand per day” (a confidentiality transformed revenue value) as a function of competition, performance and geodemographic factors.

The findings show that rural stores exhibit a larger catchment extent for grocery click&collect when compared with urban stores. Linear regression finds store characteristics as having the greatest impact on demand per day, adhering to wider retail competition literature. Conclusions display a need for further investigation (e.g. quantifying loyalty).

New insights are contributed at a national level for grocery click&collect, as well as e-commerce, multichannel shopping and retail geography. Areas for further investigation are identified, particularly quantitatively capturing brand loyalty. The research has commercial impact as the catchments are being applied by Sainsbury’s to decide the next 100 stores and plan for the next five years of their grocery click&collect offering.

The purpose of this paper is to explore how market factors (pertaining to institutions, competition and resources) shape the international strategies of an online retailer.

A single qualitative case study research design is employed to conduct in-depth analyses of a Swedish internationalising small- and medium-sized enterprise (SME) in the retail business.

The findings show that online retailers can use partnerships to tackle industry dynamics and break into foreign markets. This type of “piggy-back internationalisation” can be an effective strategy of handling foreign market dynamics in the entry phase: that is to say, the short term. Reliance upon relationships, however, may paradoxically inhibit retailers’ abilities to stay competitive in the post-entry phase (i.e. the long term) since they become cut-off from the first-hand market learning.

The authors provide propositions based upon the findings to support further research in the international marketing and international retailing literature.

The findings enhance the understanding of how electronic commerce affects SME internationalisation. They also generate new insights into the use of possible international expansion strategies for managers in retail SMEs.

This study introduces a new theoretical perspective to build upon international retail research and contributes to the international retail literature with relevant insights into both advantages and disadvantages of using partnerships to overcome challenges related to international online retailing.

The purpose of this paper is to investigate what role literature-based inputs have on the information security policy (ISP) development in practice.

A literature review is carried out to identify commonly used inputs for ISP development in theory firstly. Secondly, through the lens of institutional theory, an interpretive approach is adapted to study the influence of literature-based inputs in the ISP development in practice. Semi-structured interviews with senior experienced information security officers and managers from the public sector in Sweden are carried out for this research.

According to the literature review, 10 inputs for ISP development have been identified. The results from the interviews indicate that the role inputs have on the ISP development serves as more than a rational tool, where organisational context, institutional pressures and the search for legitimacy play an important role.

From the institutional perspective, this study signifies the influence of inputs on ISP development can be derived from institutionalised rules or practices established by higher authorities; actions and practices that are perceived as successful and often used by other organisations; the beliefs of what is viewed as appropriate to meet the specific pressures from stakeholders.

This research recommends five practical implications for practitioners working with the ISP development. These recommendations aim to create an understanding of how an ISP could be developed, considering more than the rational functionalist perspective.

To the best of the authors’ knowledge, it is the first of its kind in examining the role of literature-based inputs in ISP development in practice through the lens of institutional theory.

While digital transformation holds immense promise, organizations often fail to realize its benefits. This study aims to address how policies for digital transformation benefits realization are translated into practice.

The authors apply a qualitative, comparative case study of two large, public-sector health care organizations in Sweden. Through document and interview data, the authors analyze the process of translation.

The study finds that practice variation is primarily caused by two types of decoupling: policy-practice and means-ends. Contrary to previous studies, coercion in policy compliance is not found to decrease practice variation.

The limitations primarily stem from the empirical selection of two large public health-care organizations in Sweden, affecting the study’s generalizability. Reducing practice variation is more effectively achieved through goal alignment than coercion, leading to implications for the design of governance and control.

Policymakers should, instead of focusing on control-related compliance, work to align organizational objectives and policies to decrease practice variation for successful benefits realization.

The study contributes to better benefits realization of digital transformation initiatives in health care. As such, the authors contribute to a better functioning and more transformative health care in times of increased demand and decreased supply of health-care services.

The study challenges conventional wisdom by identifying that coercion is less effective than goal alignment in reducing practice variation, thereby enhancing the understanding of policy implementation dynamics in health-care settings.

Information security management (ISM) is proving to be an important topic in the modern world; in environments that will rely a great deal on digital technologies, such as smart cities, ISM research is of high importance and needs to be well analysed. The paper aims to discuss these issues.

This paper indicates the criticality of ISM for smart cities through the literature, then focusses on top organisational factors influencing ISM in smart city organisations, which are embraced and justified from the literature.

This paper highlights the need for more research around ISM in the context of smart city organisations, also ISM-related organisational factors that are expected to most influence smart city organisational performance.

This paper is proposed to influence more research in the area of ISM for smart cities among the research community. Additional research is also expected to further validate and examine the selected organisational factors.

This paper presents new information on ISM in smart city organisations, the lack of research in this area, and the criticality of the highlighted issues, creates high value for the conclusions and findings of this research. The paper also highlights top organisational factors that are expected to influence ISM in smart city organisations.

The purpose of this paper is to expose the playout of power dynamics when a new business intelligence (BI) system is implemented in a central pharmacy department in a National Health Service (NHS) hospital. The authors aim to explore the assumptions, experiences and actions of organisational stakeholders and ascertain how different professional groups obtain influence, power and control during this process.

In this research the authors employ structuration theory (ST), to establish how and where domination is achieved. To achieve this, the authors investigate the production and reproduction of structure as part of a longitudinal assessment using interviews and questionnaires.

Constant renewal and evolution are crucial in the implementation of a BI system. During the process of implementation and change many stakeholders resent the change. Disempowering these users leads to new power structures led by BI analysts.

The findings from this paper can help strengthen implications of BI systems implementation and better understand the impact these systems have on wider stakeholders. With coherent communication and an engaged attitude new BI systems can be implemented without alienating the key user stakeholders.

This paper differs from other papers by advocating that new systems and processes alter individual power structures in organisations, disrupting internal dynamics and introducing new aspects of control and dominance.

Algorithm bias refers to repetitive computer program errors that give some users more weight than others. The aim of this article is to provide a deeper insight of algorithm bias in AI-enabled ERP software customization. Although algorithmic bias in machine learning models has uneven, unfair and unjust impacts, research on it is mostly anecdotal and scattered.

As guided by the previous research (Akter et al., 2022), this study presents the possible design bias (model, data and method) one may experience with enterprise resource planning (ERP) software customization algorithm. This study then presents the artificial intelligence (AI) version of ERP customization algorithm using k-nearest neighbours algorithm.

This study illustrates the possible bias when the prioritized requirements customization estimation (PRCE) algorithm available in the ERP literature is executed without any AI. Then, the authors present their newly developed AI version of the PRCE algorithm that uses ML techniques. The authors then discuss its adjoining algorithmic bias with an illustration. Further, the authors also draw a roadmap for managing algorithmic bias during ERP customization in practice.

To the best of the authors’ knowledge, no prior research has attempted to understand the algorithmic bias that occurs during the execution of the ERP customization algorithm (with or without AI).