Search results
1 – 8 of 8Fábio Luís Falchi de Magalhães, Marcos Antonio Gaspar, Edimara Mezzomo Luciano and Domingos Márcio Rodrigues Napolitano
investigate and analyze the aspects of legitimation, theorization and trends for the evolution of research in information technology governance (ITG) in Brazil, according to…
Abstract
Purpose
investigate and analyze the aspects of legitimation, theorization and trends for the evolution of research in information technology governance (ITG) in Brazil, according to researchers familiar with the matter.
Design/methodology/approach
By means of a qualitative and quantitative research of exploratory-descriptive approach, the Delphi method was applied using a questionnaire supported by content analysis.
Findings
ITG is an increasingly interdisciplinary research field, with significant help from other fields of knowledge, such as administration, computer science and engineering. The main means of ITG publication are periodicals (MISQ, JMIS, JISTEM RESI), scientific events (AMCIS, ECIS, HICSS, EnANPAD, CONTECSI) and researchers, such as Peter Weill and Edimara Mezzomo Luciano. Best practice models are the most significant theoretical frameworks, and the main trend of research are on emerging technologies such as cloud computing and Internet of things (IoT) in the context of ITG.
Research limitations/implications
To the unavailability of some researchers to participate in the second phase of the Delphi research performed, as well as the non-completion of a third Delphi round. Likewise, the “Block B (open answer questions)” it was not contemplated in the second phase for a new collection of answers, which could partially change the results presented here.
Practical implications
The results show important insights for ITG researchers that can allow new researches about its applications, jointly reflecting on relevant aspects for the advancement of this research field.
Social implications
There are several research contributions to broaden the discussion and the evolution of this new scientific field in Brazil and that can be grouped for each set of stakeholders: academia and related researchers; the practicing community of business managers and private and public organizations; the academic legitimizing bodies; the non-academic legitimating bodies and researchers from other areas of knowledge.
Originality/value
ITG is a concept that emerged as part of corporate governance (CG), which has evolved as an emerging theme and is expanding in the international academic arena. However, the current stage of legitimation, theorization and trends of ITG in the Brazilian researches are lacked greater understanding, in order to provide better targeting for new researches.
Details
Keywords
Guilherme Costa Wiedenhöft, Edimara Mezzomo Luciano and Josiane Brietzke Porto
The purpose of this paper is to address the process of organizational governance of IT resources, called IT governance (ITG), especially its behavioral approach. The…
Abstract
Purpose
The purpose of this paper is to address the process of organizational governance of IT resources, called IT governance (ITG), especially its behavioral approach. The organizational citizenship behavior (OCB) concept was used to understand the relationship between the behavioral dimensions and the perception of ITG effectiveness. The objective of this research is to identify if individuals’ behavior contributes to a greater perception of ITG effectiveness in public organizations. This is an exploratory and descriptive research with a quantitative approach.
Design/methodology/approach
This was an exploratory and descriptive research with a quantitative approach. A survey with IT teams of public organizations in a Brazilian state was performed, and data were analyzed through partial least squares. A positive and significant relationship between the variables Spirit of Initiative (R2=0.2926) and Identification with the Organization (R2=0.1276), and the perception of ITG effectiveness was found.
Findings
Results showed that when OCB levels are higher, ITG is more easily perceived as effective. This occurs because the predisposition to adopt ITG mechanisms increases the changes in the governance process, which are understood as significant by the organization. In addition, it is important to consider the impact of change on individuals, due to ITG adoption. This reinforces that ITG is not just about the IT department, but also refers to its adoption and use throughout the organization as a key resource for the implementation of public policies and for following governmental strategies.
Research limitations/implications
The predictive capacity of the proposed relationship model requires a larger number of confirmatory studies. Its application is suggested in other federative units or in private organizations.
Practical implications
OCB increases the predisposition to adopt ITG mechanisms, provided they understand that changes in the governance process are important to the organization. The change impact on individuals due to ITG adoption is also relevant, which shows that ITG is not only about the IT department, but also about IT adoption and its use throughout the organization.
Originality/value
The paper helps understanding the behavioral effects on the effectiveness of the GTI, since the simple adoption of GTI mechanisms does not guarantee that they are effective in achieving its objective of responding to governmental demands.
Details
Keywords
Teemu Mikael Lappi, Kirsi Aaltonen and Jaakko Kujala
This paper aims to increase the current understanding of the connection between operational level information and communication technology (ICT) projects and national level…
Abstract
Purpose
This paper aims to increase the current understanding of the connection between operational level information and communication technology (ICT) projects and national level digital transformation by researching how project governance structures and practices are applied in an e-government context.
Design/methodology/approach
An elaborative qualitative study through public documentary analysis and empirical multi-case research on Finnish central government is used.
Findings
The study constructs a multi-level governance structure with three main functions and applies this in an empirical setting. The results also describe how different governance practices and processes, focusing on project portfolio management, are applied vertically across different organizational levels to connect the ICT projects with the national digitalization strategy.
Originality/value
This study integrates project governance and portfolio management knowledge into public sector digitalization, thus contributing to project management, e-government and ICT research streams by improving the current understanding on the governance of ICT projects as part of a larger-scale digitalization. This study also highlights perceived gaps between current governance practices and provides implications to managers and practitioners working in the field to address these gaps.
Details
Keywords
Johan Magnusson, Tero Päivärinta and Dina Koutsikouri
The purpose of this study is to explore and theorize on balancing practices (BP) for digital ambidexterity in the public sector.
Abstract
Purpose
The purpose of this study is to explore and theorize on balancing practices (BP) for digital ambidexterity in the public sector.
Design/methodology/approach
The research is designed as an interpretative case study of a large Swedish authority, involving data collection in the form of interviews and internal documents. The method of analysis involves both theorizing on the findings from a previous framework for digital innovation and deriving design implications for ambidextrous governance.
Findings
The findings show that all identified BP except one (shadow innovation) is directed toward an increased emphasis on efficiency (exploitation) rather than innovation (exploration). With the increased demand for innovation capabilities in the public sector, this is identified as a problem.
Research limitations/implications
The limitations identified are related to the choice in the method of an interpretative case study, with issues of transferability and empirical generalizability as the main concerns. The implications for research are related to a need for additional studies into the enactment of digital ambidexterity, where the findings offer insight and inspiration for continued research.
Practical implications
The study shows that managers and executives involved in the design and imposition of governance within the public sector need to take the design recommendations for digital ambidexterity into consideration.
Social implications
The study offers two main implications for practice. First, policymakers need to take the conceptual distinction of efficiency and innovation into account when designing policies for the digital government. Second, existing funding practices need to be re-designed to better facilitate innovation.
Originality/value
This is the first study directed toward enhancing the insight into BP for digital ambidexterity in the public sector. The study has so far resulted in both a localized shift in policy and new directions for research. With the public sector facing needs for increased innovation capabilities, the study offers a first step toward understanding how this is currently counteracted through governance design.
Details
Keywords
Patrick Sven Ulrich, Alice Timmermann and Vanessa Frank
The starting point for the considerations the authors make in this paper are the special features of family businesses in the area of management discussed in the literature. It…
Abstract
Purpose
The starting point for the considerations the authors make in this paper are the special features of family businesses in the area of management discussed in the literature. It has been established here that family businesses sometimes choose different organizational setups than nonfamily businesses. This has not yet been investigated for cybersecurity. In the context of cybersecurity, there has been little theoretical or empirical work addressing the question of whether the qualitative characteristics of family businesses have an impact on the understanding of cybersecurity and the organization of cyber risk defense in the companies. Based on theoretically founded hypotheses, a quantitative empirical study was conducted in German companies.
Design/methodology/approach
The article is based on a quantitative-empirical survey of 184 companies, the results of which were analyzed using statistical-empirical methods.
Findings
The article asked – based on the subjective perception of cybersecurity and cyber risks – to what extent family businesses are sensitized to the topic and what conclusions they draw from it. An interesting tension emerges: family businesses see their employees more as a security risk, but do less than nonfamily businesses in terms of both training and organizational establishment. Whether this is due to a lack of technical or managerial expertise, or whether family businesses simply think they can prevent cybersecurity with less formal methods such as trust, is open to conjecture, but cannot be demonstrated with the research approach taken here. Qualitative follow-up studies are needed here.
Originality/value
This paper represents the first quantitative survey on cybersecurity with a specific focus on family businesses. It shows tension between awareness, especially of risks emanating from employees, and organizational routines that have not been implemented or established.
Details
Keywords
Jani Koskinen, Sari Knaapi-Junnila, Ari Helin, Minna Marjaana Rantanen and Sami Hyrynsalmi
Data economy is a recent phenomenon, raised by digital transformation and platformisation, which has enabled the concentration of data that can be used in economic purposes…
Abstract
Purpose
Data economy is a recent phenomenon, raised by digital transformation and platformisation, which has enabled the concentration of data that can be used in economic purposes. However, there is a lack of clear procedures and ethical rules on how data economy ecosystems are governed. As a response to the current situation, there has been criticism and demands for the governance of data use to prevent unethical consequences that have already manifested. Thus, ethical governance of the data economy ecosystems is needed. The purpose of this paper is to introduce a new ethical governance model for data economy ecosystems. The proposed model offers a more balanced solution for the current situation where a few global large-scale enterprises dominate the data market and may use oligopolistic power over other stakeholders.
Design/methodology/approach
This is a conceptual article that covers theory-based discourse ethical reflection of data economy ecosystems governance. The study is based on the premise of the discourse ethics where inclusion of all stakeholders is needed for creating a transparent and ethical data economy.
Findings
This article offers self-regulation tool for data economy ecosystems by discourse ethical approach which is designed in the governance model. The model aims to balance data “markets” by offering more transparent, democratic and equal system than currently.
Originality/value
By offering a new ethically justified governance model, we may create a trust structure where rules are visible and all stakeholders are treated fairly.
Details
Keywords
Tshepo Arnold Chauke and Mpho Ngoepe
Many organisations, including professional councils, operate manually to ensure document flow to clients and stakeholders. This results in the loss of valuable documentation such…
Abstract
Purpose
Many organisations, including professional councils, operate manually to ensure document flow to clients and stakeholders. This results in the loss of valuable documentation such as certificates and the incurring of costs due to the returning of post to the sender. The purpose of this study was to explore digital transformation of document flow at the South African Council for Social Science Professionals.
Design/methodology/approach
The methodological approach involved qualitative data collected through interviews, observation and document analysis in response to research questions. The study was a participatory action research project that involved collaboration between researchers and study participants in defining and solving the problem through needs assessment exercise. All three phases of participatory action research were followed, namely, the “look phase”: getting to know stakeholders so that the problem is defined on their terms and the problem definition is reflective of the community context; the “think phase”: interpretation and analysis of what was learned in the “look phase” and the “act phase”: planning, implementing, and evaluating, based on information collected and interpreted in the first two phases.
Findings
The study identified various issues relating to poor data quality, high rate of registered postal returns and non-delivery electronic messages that cannot reach all the intended recipients and accumulation of data for decades. In this regard, the study proposes a framework that can be used by SACSSP to update and verify their details on the portal, as well as digital certificates for membership.
Research limitations/implications
Although the proposed framework is tailor-made for the professional council, it is not depended on prescribed technologies due to usage of open standards that can be used by industry and researchers. Therefore, it can be applied in other context where institutions such as universities communicate with many clients via postal or courier services.
Originality/value
The study used participatory action research involving the researchers and the organisation to solve the problem. The study presented a workflow that the council can use to ensure that the documents reach intended recipients. Furthermore, digital transformation of the process will ensure that the registered professionals are able to access their certificates online and can print them when necessary.
Details
Keywords
Tadele Shimels and Lemma Lessa
Information systems' security is more critical than ever before since security threats are rapidly growing. Before putting in place information systems' security measures…
Abstract
Purpose
Information systems' security is more critical than ever before since security threats are rapidly growing. Before putting in place information systems' security measures, organizations are required to determine the maturity level of their information security governance. Literature review reveals that there is no recent study on information systems' security maturity level of banks in Ethiopia. This study thus seeks to measure the existing maturity level and examine the security gaps in order to propose possible changes in Ethiopian private banking industry's information system security maturity indicators.
Design/methodology/approach
Four private banks are selected as a representative sample. The system security engineering capability maturity model (SSE-CMM) is used as the maturity measurement criteria, and the measurement was based on ISO/IEC 27001 information security control areas. The data for the study were gathered using a questionnaire.
Findings
A total of 93 valid questionnaires were gathered from 110 participants in the study. Based on the SSE-CMM maturity model assessment criteria the private banking industry's current maturity level is level 2 (repeatable but intuitive). Institutions have a pattern that is repeated when completing information security operations but its existence was not thoroughly proven and institutional inconsistency still exists.
Originality/value
This study seeks to measure the existing maturity level and examine the security gaps in order to propose possible changes in Ethiopian private banking industry's information system security maturity indicators. This topic has not been attempted previously in the context of Ethiopian financial sector.
Details