Information Systems Management

Published by Taylor & Francis
Print ISSN: 1058-0530
Flexibility can have important consequences for the operational efficiency and long-term effectiveness of an enterprise system, yet is often not considered explicitly as a decision factor during system design and implementation. In this article, we join managerial advice for implementation strategies with insights from a theory that determines the flexibility requirements of an enterprise system in relation with characteristics of the business process that the system is intended to support. We align our theoretical considerations with practical evidence from the case of an electronic procurement system that was implemented at a Fortune 100 firm. Based on our findings, we present a roadmap that can guide flexibility and implementation strategies based on both project and process characteristics.
Software development is rarely an individual effort and generally involves teams of developers collaborating to generate good reliable code. Among the software code there exist technical dependencies that arise from software components using services from other components. The different ways of assigning the design, development, and testing of these software modules to people can cause various coordination problems among them. We claim that the collaboration of the developers, designers and testers must be related to and governed by the technical task structure. These collaboration practices are handled in what we call Socio-Technical Patterns. The TESNA project (Technical Social Network Analysis) we report on in this paper addresses this issue. We propose a method and a tool that a project manager can use in order to detect the socio-technical coordination problems. We test the method and tool in a case study of a small and innovative software product company.
Business process reengineering (BPR) and systems reengineering (SR) are often implemented separately, in an uncoordinated fashion. Yet practitioners realize that BPR can be informed by SR and that SR can benefit from the application of BPR concepts. This research indicates that potential synergies can result when BPR and SR are pursued in an integrated fashion. The paper presents an integrated BPR and SR model that has been successfully applied in practice. Guidance provided in the paper will assist the users to look for and develop their own versions of this process and gain from the resulting synergies.
The database management system (DBMS)continues to be a key component of the technical infrastructure of modern enterprises. It is the software that manages the creation, storage, retrieval, and manipulation of the enterprise's data. the database management system services the transacation processing applications that support the essential business processes and functions of the enterprise, and services the decision support software that allows business users to make more effective use of the enterprise's data. It is the cornerstone of modern enterprises because it is the focal point for all business transactions. the DBMS stores information on the enterprise's employees, products, customers, suppliers, financial performance, and other key business information.
Domain experts knowledge represents a major source of information in the design and the development of user-centric and distributed service-based applications, such as those of e-government. Issues related both to the communication among domain and IT ...
In the course of the evolution of management support towards corporate wide Business Intelligence infrastructures, the integration of components for handling unstructured data comes into focus. In this paper, three types of approaches for tackling the respective challenges are distinguished. The approaches are mapped to a three layer BI framework and discussed regarding challenges and business potential. The application of the framework is exemplified for the domains of Competitive Intelligence and Customer Relationship Management.
The role of the chief information officer has changed substantially since the events of September 11, the CIO to work in a way different from before. CIOs must immediately do several things. These include:showing a bias for action, conducting a scenario planning exercise, conducting a risk analysis, fast tracking tactical implementation, and, above all, communicating.
From Knowledge to Intelligence: Creating Competitive Advantage in the New Economy by Helen N. Rothberg andG. Scott Erickson, Amsterdam: Elsevier Butterworth Heinemann (2005), 365 pp.Competitive Intelligence and Global Business edited by David L. Blenkhorn and Craig S. Fleischer, Westport, CT: Praeger Publishers (2005), 292 pp.Outsource: Competing in the Global Productivity Race by Edward Yourdon, Boston: Prentice Hall PTR (2005), 251 pp.Digital Infrastructures: Enabling Civil and Environmental Systems through Information Technology edited by Rae Zimmerman and Thomas Horan, London: Routledge (2005), 254 pp.Decision Support Systems: Frequently Asked Questions by Daniel J. Power, New York: iUniverse Inc. (2005), 232 pp.
Compliance with the Sarbanes-Oxley Act of 2002 (SOX) has been hampered by the lack of implementation details. This article argues that IT departments that have implemented ten cat- egories of IT controls provided by the International Standards Organization (ISO 17799) will be well on their way toward SOX compliance. A side-by-side comparison of the 124 control com- ponents of the ISO Standard and the published SOX implementation guidelines is provided.
The Telecommunications Competition and Deregulation Act of 1996 has significantly changed the market in which telecommunications providers compete. This column clarifies some of the important sections of the act and the implications of the changes for those involved in the provision and use of telecommunications services.
The urgency of the year 2000 challenge is matched by the need to control the costs of what may be the largest IS task with no return on investment. Scaling back a year 2000 outsourcing project within acceptable levels of risk and breaking it down into three phases with targeted requests for proposal (RFPs) provides major cost savings and streamlines the bid-creation and vendor-selection process.
Total quality management offers a solution to the problem posed by the IS function's dismal track record for delivering required capability on schedule and within budget. Concerted efforts in the key process areas of project management, configuration management, and quality testing coupled with an empowered team offer the best chance that Year 2000 compliance will be achieved and significant competitive advantage gained.
To manage the Y2K problem rationally with a limited amount of time and resources, it is necessary to assess the risks and their corresponding magnitude and then respond accordingly. Risk management is the tool for doing that.
Four scenarios for the IS organization of 2020 are described, based on differing assumptions about two drivers: the advances in the reliability of international telecommunications and the value placed on computerization in businesses and society.
After Section 404 of the Sarbanes-Oxley Act (SOX 404) was released, developing a computer auditing system became more important for management and auditors. In this study, the researchers aim to: (1) explore the crucial control items of the purchasing and expenditure cycle in meeting the conditions of SOX 404; (2) develop a computer auditing system based on the recognized control items and requirements of SOX 404; and (3) validate the applicability of the system by using an ISO/IEC 9126 model in meeting organizational needs (ISO, 200119. International Organization for Standardization (ISO) (2001). ISO/IEC 9126-1:2001. (Accessed: 15 January 2006). View all references). The Gowin's Vee research strategy developed by Novak & Gowin (1984)32. Novak , J. D. and Gowin , D. B. 1984. Learning How to Learn, Cambridge: Cambridge University. [CrossRef]View all references was used in the study. In theory, researchers have identified eight operational procedures and 34 critical control items for the purchasing and expenditure cycle. The prototype computer auditing system of this study was then developed. On the experimental side, the researchers conducted two case studies based on the ISO/IEC 9126 software assessment criteria, the result of which showed that the system can provide company internal auditing personnel and their external auditors with a simple, continuous, timely, and analytical tool, which may promptly and effectively help in detecting problem control issues. We believe this study can contribute to the development of a sufficient and manageable computer auditing system, and provide prospective researchers and businesses with future directions in this subject area.
This case study examines the corporate expectations, conduct, and reactions surrounding a data-mining effort. Faced with the pressures of a still-restructuring business environment, even the executives who had initiated the effort failed to probe its value. They abandoned their commitment to prospecting and then the whole of the mining effort, despite its payback and promise. This article analyzes the project's failures and successes, offering guidelines that could make a difference in similar situations. If data mining is allowed to lose its strategic business focus, its potentialities will not be acknowledged.
This study presents results of a survey of self-proclaimed computer hackers about their perceptions in regards to illegal hacking. Results show that hackers continue to engage in illegal hacking activities despite the perception of severe judicial punishment. ...
This article investigates Enterprise Resource Planning absorption in transition and developed economies in Central and Eastern Europe. Using absorptive capacity theory and data envelopment analysis, we view organizational transformation in Enterprise Resource Planning absorption as an economic production process. Despite converging Enterprise Resource Planning saturation levels, the data identifies gaps in absorption levels and performance. Organizations in transition face greater challenges, engage more in phased Enterprise Resource Planning absorptions, and expect higher levels of external support.
The primary responsibility of the Chief Privacy Officer (CPO) is to protect online consumer privacy by developing an organization's privacy policy and ensuring compliance with privacy laws and regulations. However, the explosive growth of Internet use for business has brought about an escalation of concerns including reduced consumer confidence in Internet-related business activities, risk of financial loss, and legal liability from sources categorized as external and internal to the organization. Does the new CPO position provide adequate consideration of the increasing risks? This article discusses the far-reaching types of misconduct and risks organizations face. the article concludes by proposing the strategic response of an expanded role for the CPO. in addition to overseeing Internet privacy issues, the newly defined role of Chief Privacy and Integrity Officer (CPIO) would encompass Internet integrity. This entails formulating or reformulating an expressed Internet use policy, undertaking ongoing training and other means to maintain awareness of issues, monitoring internal sources, implementing defenses against external sources, and securing adequate liability insurance. the effectiveness of this new role, in overseeing these responsibilities, would be determined by assessing current operations, implementing proactive measures to reduce potential misuse, and continuously keeping abreast of technological advances, legislative and regulatory initiatives, and new areas of vulnerability.
Many universities have established forums to encourage dialogue between industry and academia, in an attempt to bridge the gap between what the former wants and the latter teaches. These meetings are often unsuccessful, with industry annoyed at academia for not focusing on practical subjects, while academia sees industry as narrow and shallow. For the discussion to be more constructive, this article presents a new model for collaboration between industry and academia, built around a shared learning repository.
Academics consider theories to be the bedrock of scientific research, while some business practitioners find them esoteric and difficult to understand. Previous discussions on this issue have often framed theories and research in terms of either rigor or relevance—with little middle ground for academics and practitioners to meet. This article maintains theories are useful to academics and practitioners, and that it is essential for both parties to take advantage of the characteristics and usefulness of theories. This article suggests specific ways academic researchers and business practitioners can effectively use a full range of theories.
The job of an acceptable use policy is to explain what the organization considers acceptable Internet and computer use and to protect both employees and the organization from the ramifications of illegal actions. This article describes how such policies are written, what they should cover, and how they are most effectively activated.
A survey of representative CEOs suggests that senior executives do not completely agree with the design principles proposed by professional EIS developers. By tailoring aspects of the development and presentation of an EIS to meet these user perceptions, IS managers and developers increase the chances of user acceptance and a successful EIS implementation.
With portability similar to a spiral notebook, the tablet PC enables new ways of working. This study investigates user acceptance of this new technology through interviews with employees in four industries who participated in three-month trials.
The authors describe a user/customer needs gap model that can be used to develop a balanced approach to managing the gaps between business customer and end-user needs for new systems and the solutions that are deployed.
The term “Internet technologies” has recently been coined to describe a set of software capabilities aimed at improving data communications and data access in contemporary enterprise information systems. This article presents a framework for implementing Internet technologies to improve enterprisewide data access, particularly in terms of the user interface, communications networking, the application platform, and the hardware operating systems platform. Examples of software products are given to illustrate how Internet technologies affect these platforms.
Legacy databases represent a valuable repository of stored knowledge that could prove useful if made available to a broader audience via Internet applications. This article provides a framework that will assist managers in reviewing and selecting appropriate techniques for integrating their legacy database systems with Web technology, based on their particular needs, resources, and constraints. in general, for smaller organizations with lower levels of expertise, relatively few data requests, and many resource constraints, scripting can provide a method of accessing a legacy database and publishing it via a Web-enabled application in the most cost-efficient method. For larger organizations with more resources, or for applications where a number of data requests are expected, an implementation using a Web application server such as Allaire ColdFusion is recommended. For organizations with detailed, highly specialized requirements or mission-critical information, a programming approach using Java/JDBC (perhaps in conjunction with XML) should be considered.
In today's world of "co-opetition" among organizations, where one organization competes and cooperates simultaneously with business partners, all organizations must have IT architectures that are nimble and flexible. This article takes a look at one important aspect in achieving a flexible IT architecture: access management of information resources over the Web. It describes an access management architecture that can change as business does and recommends how best to implement this nimble architecture.
The Resource-Event-Agent (REA) model has gained considerable attention in accounting lit- erature. While REA denotes a data model, which represents only the static aspect of a system, the dynamic aspect has now been introduced as the scenario concept in a recently proposed REA ontology. Using the Unified Modeling Language (UML) sequence diagram—a popular method of showing interactions among objects—and building on the REA framework and the scenario notion, the paper presents the READY model to illustrate patterns of dynamic behavior in accounting scenarios. The last four decades have yielded significant develop- ments in the field of Information Systems (IS) in general and Accounting Information Systems (AIS) in particular. Some of these developments have caused a significant shift in the way we conceptualize and represent business, information systems, and accounting phenomena. Two key developments in the area of business, and informa- tion systems data modeling are the introduction of the relational model (Codd, 1970) for representing and manipulating business data, and the entity relationship (ER) model (Chen, 1976) for conceptualizing data that can be implemented using the relational model. In this domain, accounting researchers have made a key contribution. The Resource-Event-Agent (REA) model
Research framework.
Overview Case Companies
Means, Standard Deviations, and Correlations
Management accounting systems (MAS) provide an information context that is required for strategic sensemaking. Research from the interpretive perspective of information processing suggests some mechanisms how MAS can contribute to strategic sensemaking, although it neglects the relationship between MAS use and MAS dimensions. The systems-structural perspective identified some important MAS dimensions, but it does not explain how these dimensions contribute to strategic sensemaking. The objective of this study is to explore the role of MAS in sensemaking and how MAS dimensions contribute to this role. Based on 30 interviews with top and middle managers from 7 large companies we suggest a set of MAS dimensions that relates to sensemaking.
A significant increase in the amount of e-mail spam has become a major concern to both organizations and employees. This article identifies and compares three different types of spam-detection approaches: list-based, content-scanning, and forged-e-mail detection. Because none of these approaches provides a comprehensive solution, a hybrid solution, which maximizes their collective strengths and minimizes their individual weaknesses, is proposed and tested with a prototype tool developed by the authors.
Providers need access to the data in patient healthcare records to make decisions that provide the type of high-quality services, which lead to successful medical treatments. This article summarizes the data accuracy and data availability problems that exist in managing healthcare records, and then describes various technology solutions that could be designed to address specific data problems.
High-quality reusable objects offer long-term benefits through reduced development and maintenance costs, but their creation does not automatically result from the introduction of object-oriented (OO) technology. Designing and implementing a formal usability program that simultaneously focuses on the dimensions of people, processes, and technology is the first step in achieving reusability in OO development.
As a process that must be planned, managed, and controlled, outsourcing presents quality challenges in the areas of vendor selection and products and services received. Achieving success in the first area depends on establishing procedures to thoroughly assess the vendor's competency and process discipline; in the second, quality is ensured through the requirements definition process, implementation of a formal change management system, and the linking of outsourcer milestones with quality reviews.
The planning hierarchy at BIOCO (adapted from Hu & Huang, 2006).  
IT-business alignment remains one of the top issues of IS managers. This article presents a case study in which four key elements of IT-business alignment — integrated planning, effective communication, active relationship management, and institutionalized culture of alignment — were enhanced by the enterprise-wide implementation of an established strategic management tool, the balanced scorecard.
When it comes to trading partner collaboration, it does not matter what the question is because the answer is always “your supply chain.” Achieving lower costs, shorter lead times, higher accuracy, and greater information flow requires that supply chains evolve toward more and more integration. in fact, the mythical and ideally balanced supply chain operates as a single organism delivering value to the customer by integrating processes and removing barriers between functions and companies.
Although a key section of the Communications Decency Act was struck down by the U.S. Supreme Court in 1997, this law covering content distribution over telecommunications and network devices is still in effect. This column looks at the provisions that IS managers must pay attention to.
This article reports on an action research project to investigate the barriers to adoption and assimilation of electronic health records (EHRs) in small physician practices. The project draws on theories of technology-use mediation and communities of practice to develop interventions to promote adoption and integration of EHRs into chronic care management processes in these practice settings. The field results suggest that developing community-based knowledge and resources to assist physician organizations one-on-one may be essential for their effective utilization of EHRs.
Companies are especially vulnerable to security breaches when significant changes occur, such as a reduction in workforce. Mischievous individuals and thieves thrive on chaos. Companies need even more diligence in their security effort when executing a reduction in force initiative. Security is an essential element of the downsizing effort. This article suggests ways to maintain security while downsizing.
Today, companies of every size are relying on Internet and other network connections to support their business. For each of those businesses, information and network security have become increasingly important. Yet, achieving a security level that will adequately protect a business is a difficult task because information security is a multifaceted undertaking. A successful information security program is a continuous improvement project involving people, processes, and technology, all working in unison.
When searching for products and information using search engines, Web consumers often see comparative shopping agents (CSAs) in search results. CSAs list companies that sell desired products and the prices they offer on one page, greatly reducing search ...
The empirical research presented in this paper corroborated that the managerial capabilities of IT executives fully mediate the effect of IT governance on enterprise adaptability, and indirectly mediate the effect of business governance through its direct effect on IT governance. It also showed that IT and business executives hold different views about the two respective governance systems. Organizations therefore should emphasize the development of IT executives' managerial capabilities in order to achieve IT-enabled enterprise adaptability.
Interplay of effects leading to compensatory adaptation (adapted from Kock and DeLuca, 2007) 
This article argues that e-collaboration technologies often pose obstacles to effective communication in complex collaborative tasks. The reason presented is that typically those technologies selectively suppress face-to-face communication elements that human beings have been designed by evolution to use extensively while communicating with each other. It is argued that technology users invariably react to those obstacles by engaging in compensatory adaptation, whereby they change their communicative behavior in order to compensate for the obstacles. The article concludes with a call for more research on how e-collaboration technologies can be designed to facilitate compensatory adaptation.
Today's environments of increasing business change require software development methodol- ogies that are more adaptable. This article examines how complex adaptive systems (CAS) the- ory can be used to increase our understanding of how agile software development practices can be used to develop this capability. A mapping of agile practices to CAS principles and three dimensions (product, process, and people) results in several recommendations for "best practices" in systems development.
If an organization seriously considers adding value to the IT function, substantial benefits for both the organization and the IT department can be produced. the issues involved may require considering new, more innovative approaches to the IT department's mission. Areas for review and improvement include the ways in which technology is being selected and used and improvements in the levels of IT customer service.
Today's rapidly changing, global, competitive business environment requires that an enterprise optimize its operations and leverage its data, information, and knowledge resources better than ever before. the result is an ever-increasing demand for data, information, and knowledge about the enterprise, its operations, and about its customers, suppliers, and business partners. the database management system is the key component of the information systems infrastructure of the modern enterprise that is focused on meeting this demand. the database management system is an organized store of the enterprise' data that provides ever-increasing capabilities for adding value to data by turning data into information; by turning this information into knowledge; and by sharing data, information, and knowledge securely throughout the enterprise.
Public managers are looking for ways to fully exploit the advantages of Web services and Web services orchestration technology for improving service delivery. This article analyzes the quest toward the creation of citizen-centric, cross-agency processes using Web service orchestration technology. Based on pilot projects in the Netherlands, the authors find that the use of Web service orchestration technology requires the introduction of new process orchestration roles and an evolution from hierarchical to agreement-driven relationships. Eight process orchestration roles and a stage model developed by the authors are presented.
In this study the authors examine some possible reasons for Novell Netware's fall from dominance in the 1990s to its near disappearance. The authors examine the role of the external variables security, productivity, and sharing on an administrator's perceptions and intention to use the software within the Technology Acceptance Model (TAM). The results show that difficulty in administration was not responsible for Netware's demise; on the contrary, Netware's environment resulted in a positive intention to use it.
Data warehouses are huge repositories of legacy data. They are usually configured as stars or snowflakes, and their application strength is their ability to associate pieces of data in unique and multiple ways. Obviously, they are very different from traditional relational databases, and as such they require administrators that possess a skill set different from that of traditional database administrators. This article explores the skills a data warehouse administrator must possess.
Top-cited authors
Marijn Janssen
  • Delft University of Technology
Yannis Charalabidis
  • University of the Aegean
Anneke Zuiderwijk
  • Delft University of Technology
Prasad Bingi
  • Purdue University Fort Wayne
Mark N. Frolick
  • Xavier University