Governance and Sustainability in Information Systems. Managing the Transfer and Diffusion of IT

‘Business Intelligence’ (BI) has been widely used to describe the process of gathering, analyzing and transforming large amounts of data into information useful for decision making. This paper examines BI from a decisionmaker’s perspective in an IT governance context through a case study of a large Scandinavian financial institution. The key findings indicate that BI is primarily used to inform structured operational decisions and as an instrument for dialogue in unstructured strategic decisions. Our study shows how ‘hard facts’ provided by BI are used as a foundation for opening a dialogue and as a supporting instrument to make arguments seem more convincing during decision-making discussions. We also found that standard performance reporting is used more for operational decision making, whereas predictive analytics are utilized primarily in strategic decision making. These results can assist managers looking to improve their operational and strategic decision-making processes by indicating the appropriate type of BI for each type of decision.

Research confirms that commercial OSS exists in many different ways according to its revenue model, type of license, development style, number of participating firms, number of participating volunteers or governance mode. In order to differentiate between an increasing variety of commercialization approaches, one may distinguish between projects with one dominating company, so called single vendor projects and those where more than one company is active, so called multi vendor projects. Furthermore, in order to structure different approaches, a project’s history is equally of importance in terms of whether a project was initiated by a firm or a community. In this paper, we therefore analyze and compare single and multi vendor as well as firm initiated and community initiated OSS projects with regard to technical contribution of voluntary and paid project members. Based on a dataset build upon Eclipse projects we expose, that the number of paid members is significantly higher in firm initiated and multi vendor projects.

Project Governance includes the elicitation of ideas for projects, choosing the best ideas, initiating projects, assigning resources, and nurturing the projects to success. In the third largest bank in Denmark – Jyske Bank – IT project managers often became uncertain when they were assigned new projects; their descriptions were either to vague or broad or sometimes even both. There was a need for better project scoping and improved idea descriptions. In this paper we describe how we committed ourselves to solve this problem. Based on a literature study on innovation and using an existing creative space (room) called the "land of opportunity", we used a design science approach to formulate a new idea maturation concept. Here two years later, we have developed and evaluated our concept on several project ideas. The uncertain project managers are now very enthusiastic; they really feel that they have a much clearer scope and idea description as well as an early prototype of the idea. After four design iterations, the concept stabilized. In this paper we present the idea maturation concept and the organizational design science research process we have used.

In recent years numerous publications in the field of Supply Chain Management have dealt with partner selection methods. So far, research has failed to offer a holistic approach for the selection of recycling partners that accounts for financial, social and environmental factors. In view of this fact, our ,;that supports recycling partner selection in the electrics and electronics industry. Based on a systematic literature review we identify limitations of existing approaches and design an integrated Fuzzy-AHP-TOPSIS model. In addition, relevant criteria for sustainable partner selection are determined. The approach is illustrated by means of an exemplary case study.

The issue of sustainability has been among the top concerns of IT practitioners for some time now. Although sustainability of and through IT can only be reached if all stakeholders work together, current teaching and on-the-job training approaches do not provide the required understanding of how to govern the cooperation. Furthermore, there is a general gap between IS academia and practice regarding skill teaching, stakeholder informing and contributions towards sustainable business practices. In this paper, we adopt a design science research methodology to develop and evaluate a first approach to close this threefold gap.

This paper will examine sustainability aspects of accessible information and communication technology for the private sector. First, the introduction highlights the current barriers against and drivers for barrier-free ICT. Second, the ICT scope for the further examination will be declared. Common accepted usability design clusters will be used to illustrate accessibility design principles. Regarding the impact of barrier-free ICT on sustainability aspects, three dimensions will be determined. For each dimension several positive effects, initiated by the implementation of accessible ICT, will be demonstrated.

In architecture, the primacy of function over form was one of the core tenets of the Bauhaus School of Design. In Information Systems, function is critical, yet so many systems fail to deliver hoped for benefits. Badly designed, acquired imitatively for their symbolic, magical power, they represent a form of kitsch. To illustrate this, we describe a major national IS initiative in the UK, the Vetting and Barring Scheme (VBS). Set up to ensure that only “suitable” adults would ever work with children and vulnerable adults, the Scheme became subject to increasing criticism for its intrusiveness and illiberality, and was suspended at the point of implementation in 2010. Here we expose the kitsch-ness of the Scheme as a meretricious imitation of the sort of diagnostic test used in medicine. We show how its inevitable dysfunctions outweighed its hypothetical benefits, which were largely magical and symbolic in nature. That the VBS attracted such little critical comment from IS scholars is significant, suggesting two biases (pro-business and pro-technology) in IS research which should be put right. We argue that kitsch can be combatted by practising design along principles akin to those of the Bauhaus. Our field can contribute to this, but our infatuation with theory, in itself a form of kitsch science, stands in the way of a closer relationship with practice.

A deep understanding of stakeholder strategies can be a powerful tool in helping IS researchers understand the realities of IS design and implementation in developing countries. We discuss the strategies used by stakeholders during the implementation of the first state government owned agricultural marketing information system project in India. Our main findings are that, while some stakeholder strategies were consistent with the implementation of the new system, most stakeholder strategies were not. Our findings may have important implications for the design and implementation of information systems in other developing countries.

Organizational control is one of the fundamental functions of management. Although controls come along with performance constraints, organizations rely on control mechanisms to direct attention, motivate, and encourage organizational members to act according to organizational goals and objectives. Managers build their decision on control design on the degree of knowledge about the value creation process and the predictability of the outcome. In this paper, we enhance a popular theoretical framework for organizational control design by enclosing IT-enabled controls. We explore the framework empirically in a multiple case study on Governance, Risk management, and Compliance information systems (GRC IS), a popular new trend in organizational control design. Our findings provide evidence that IT-enabled controls enable a new control mechanism, risk control, for situations with perfect knowledge about the transformation process and high ability to measure output. As research implication, we recommend an extension of organizational control theory to incorporate the effects of information technology on control design. As practical implication, we provide decision support for the selection of GRC controls, depending on situational factors and the expected value proposition. In sum, this research enhances the body of knowledge on organizational control design with a risk-based perspective.

The originating article of the Unified Theory of Acceptance and Use of Technology (UTAUT) has been cited by a large number of studies. However, a detailed examination of such citations revealed that only small proportion (43 articles) of these citations actually utilized the theory or its constructs in their empirical research for examining IS/IT related issues. In order to examine whether the theory is performing consistently well across various studies, this research aims to undertake a statistical meta-analysis of findings reported in 43 published studies that have actually utilized UTAUT or its constructs in their empirical research. Findings reveal the underperformance of theory in subsequent studies in comparison to the performance of UTAUT reported in the originating article. The limitations experienced while conducting the meta-analysis, recommendations, and the future scope for the further research in this area have also been briefly explained in concluding section.

Virtual ideas communities such as Dell’s “Ideastorm” or Intel’s “Ideazone” are very popular in practice. In such communities distributed groups of individual customers focus on voluntarily sharing and elaborating innovative ideas to support company’s new products development. However, a look at existing ideas community leads to the conclusion that many of them are featured to the minimum necessary. Typically, they fail to provide technical components and organizational arrangements that are able to motivate customers to submit ideas. Based on insights from motivation theory it is known that such components and arrangements could serve as incentives for submitting ideas, as they activate customers’ corresponding motives, which again lead to idea submission. In reverse, this means when knowing customers different motives one can systematically derive adequate components and arrangements from it. The aim of this paper is to derive components from customers’ motives. Our research approach is two-folded. First, we applied an online survey among participants of the SAPiens ideas community. We empirically queried motives that lead participants to submit ideas. After that we come up with an empirical tested set of six motives (self-marketing, fun, altruism, recognition, product improvement and enhancement as well as learning). Second, we used these six motives in order to derive a set of adequate components from it. Our research will deliver important examples and insights how to arrange virtual ideas communities with technical and organizational components and arrangements in order to make them more effective, so that more customers are willing to submit ideas.

Open Source receives high attention among organizations today, and there is also a growing interest on Open Source Enterprise Resource Planning (OS ERP) systems. Open source development is often considered having a high level of involvement from stakeholders in adopting organizations. However, it depends on for the first what is meant by stakeholders, but also what is meant by involvement. In the area of ERP development stakeholder involvement is defined as to what extent users of the system are involved in the development of the standardized software package. The way this is done differs between different vendors but it can be summarized as dealing with management of requirements. In this paper we explore how requirements management is done in development of OS ERP. To do this, we use a theoretical base on requirements management in the ERP field from which we investigate stakeholder involvement in four organizations and the development of it’s respectively OS ERP system. The basic question asked was: how are end-users of OS ERPs involved in the development of OS ERP. From the investigation we present a general picture of the requirements management process in the OS ERP area. The main conclusion is that end-users are not involved to the extent first expected and when comparing with proprietary ERP development a tendency towards a similar approach to requirements management in OS ERP development was discovered.

The 2008/2009 economic crisis provided a sustainable impulse for improving environmental scanning systems (ESS). Although a rich body of know-ledge exists, concepts are not often used in practice. This article contributes a literature review addressing six findings for ESS design to become more applicable than the state of the art. They are structured by the elements of information systems (IS) design theories. Addressing the lack of a sound requirements analysis, our first finding proposes 360-degree ESS for executives’ "managing a company" task and presents how to select just the most important scanning areas to keep focus. Three other findings cover the IS model perspective focusing on a better "grasp" of weak signals: define concrete indicators and use IT to identify relevant cause-effective-chains, leverage IT to automate day-to-day routines and monitor the variety of indicators’ movements, and—as a fourth finding—leverage expert experience with an impact matrix and translate indicators’ impact into a balanced opportunity-and-threat portfolio. From the methods perspective on ESS, we propose to more closely incorporate scanning results into executives’ decision-making process by generating scenarios from a set of environment assumptions as well as to use retrospective controls to continuously update the ESS and collaborate to share the scanning findings day-to-day.

This paper reports on the results of a test on a Co-operative Software Acquisition (COSA) model in which the users carry out the ICT investment by themselves. The existing models meant to help in the ICT investments process are too heavy and technical to be used in SMEs. A successful ICT investment is an organisational change process in which people have a critical role. The COSA model applies user participation and team-working in the acquisition of Commercial Off-The-Shelf (COTS) software products. The model is designed bearing three objectives in mind: 1) business orientation, 2) agility, and 3) practicality. The model can be applied to ICT investments in SMEs which have a professional team leader with basic business and IT knowledge. The results show that people are willing to commit to the COSA process, but problems exist related to systems thinking, decision making and risk taking.

The spectacular corporate collapses over the past decade, along with the introduction of the Sarbanes-Oxley Act and similar legislations across the world, have promoted significant awareness of IT governance. However, the causes of success and failure in IT governance framework adoption are yet to be adequately studied. This study aims to address this deficiency by proposing a research model to investigate factors influencing the success of IT governance adoption. The research model draws upon the information systems success model by Delone and McLean (2003) and the Technology-Organisation-Environment framework by Tomatzky and Fleisher (1990), to provide an integrated conceptual perspective for examining IT governance adoption and success.

Governance and compliance of health care networks gain more and more attention in the IS research. The configuration of medical care workflow systems and the compliance check of care processes according to national and international guidelines is the motivation for this paper. We are following a process model based approach for the management of health care networks. We present a service-based method for the compliance check of process models and enable a configuration of information systems with process models. The application of the method as well as the discussion of the practical benefits is illustrated by a real world case.

Managing business process compliance is a highly important topic in the financial sector. Various scandals and last but not least the financial crisis have caused many new constraints and legal regulations that banks and financial institutions need to face. Based on a domain-specific semantic business process modeling notation, we propose a new approach to modeling and analysis of business process compliance through the use of compliance building block patterns and business rules. These business process compliance patterns and rules serve as a necessary basis for the automatic identification of compliance issues in existing processes (process models) and hence for managing business process compliance in the financial sector.

Whereas recently cloud computing has gained enormous interest in research and practice, the deployment of cloud computing in larger companies and multi-nationals is still in its infancy. Practice often lacks a sufficiently specific, yet applicable method to determine a company’s cloud readiness and to identify and assess IT services to be taken to the cloud. This paper introduces such a field-tested method for assessing a multi-national’s cloud readiness. Beginning with Continental’s expectations towards cloud computing, the paper presents the Magic Matrices Method applied by Continental. The paper discusses the suitability of the method for research and practice. It concludes that the trend towards cloud computing may lead to easing assessment regarding the most critical stumbling blocks along the lines of compliance, security, and hence user control.

Assuring compliant business processes is an important task of business process management, which is commonly supported by the use of business process models. As every compliance rule corresponds with a typical structure, the detection of those corresponds to a pattern matching problem. More specifically, we encounter the problem of subgraph isomorphism. In this paper we propose an automatic business process compliance checking approach that relies on a subgraph isomorphism algorithm and that is suitable for process models in general. As common subgraph isomorphism is a problem that can only be solved in exponential time, we use an algorithm that simplifies the problem through pre-processing. This makes the isomorphism solvable in polynomial time. With the approach, we aim at supporting decision makers in business process compliance management.

Maturity models are widespread used in several domains ranging from business processes to complete management frameworks like CMMI, ITIL or Cobit. In the paper on hand we develop a detailed maturity model for the management of segregation of duties in ERP systems. Our model includes several aspects starting with simple access rights management of individual systems and leading to comprehensive organizational aspects of multiple systems environments. Applying this model, organizations are enabled to improve compliance regarding access rights using a step by step approach. The approach described can also be used to assess existing segregation of duties processes of an organization in order to reveal further improvement opportunities.

Information technology especially through Internet applications provides tremendous possibilities to knowledge workers, in any domain, to get access to vast amounts of data. This is a development with great benefits but also some challenging implications. In other words, as the information available increases, the knowledge workers’ needs to make sense of information, i.e. for, prioritizing, organizing, and interpreting information intensify. Yet, the information management practices, which are based on the user’s characteristics, have not been studied extensively. In this paper we suggest the examination and explication of the information management practices used by knowledge workers today in order to provide useful insights to managers involved in IS governance in the organisation. We also introduce specific theories which can be used as a lens to analyse the knowledge workers’ practices and offer useful theoretical insights into the domain. We contend that such research could provide a set of guidelines that can be adopted by organisations in order to offer their employees a structured way to deal with information management which is supported by the information technologies and systems available. We argue that our results could be useful to knowledge workers looking to exploit available information while overcoming information overload.

Sustainable innovation is about creating social, environmental, and economic value for all stakeholders involved. The sustainable innovation lens offers an extension of the prevailing discourse on Green IT/IS and renders a three-fold approach that encompasses social, environmental and economic dimensions of sustainability. Moreover, sustainable innovation entails a proactive approach that focuses on developing creative solutions to environmental and social challenges rather than merely on reducing the IT footprint by waste management and regulation compliance. Building on a longitudinal analysis of sustainable innovation in the automotive industry, we gained a number of relevant insights that can be applied to the information technology domain. First, our results illustrate that a sustainable innovation approach can serve as a source of creativity and innovation that enables firms to aim for generating bigger wins for businesses, the environment, and society overall. Second, our results suggest that sustainable innovation requires a concerted effort of all stakeholders to reshape existing norms and values, formulate new standards, and reconfigure work systems vis-à-vis the social and environmental vistas of sustainable value. Building on our study, we provide further recommendations for IT research and practice.

In this position statement we provide our understanding of the relation between the IS field and the notion of sustainability, and present our focus through a characterization of the “sustainability research” construct. By doing so, we hope to contribute to the discourse on a clarification of the construct itself in our research community.

The intention of this paper is to propose interaction design as a venue for IS research into sustainability and in that connection also propose a new theoretical psychological approach to interaction design. This new theoretical psychological framework is based on ecological psychology and activity theory. The paper will outline the scientific demands for the framework as well as the frameworks focus areas that are: 1) Intentional-motivational aspects of interaction 2) Sensory-motor aspects of interaction 3) Behavior-context aspects of interaction. Furthermore the paper will briefly present a design science research project applying the framework to interaction design for a climate management ICT system in greenhouses.

Many studies have confirmed the challenges relating to data quality in enterprises. This practice oriented research confirms the premise that data quality is of paramount importance to the efficiency and effectiveness of all organizations and that data quality management needs to be embedded within the organizational routines, practices and processes. In this paper we present a study on how to incorporate data quality management principles into organisations. The overriding measure for ‘real’ success is the sustainability of quality data, thus improving the quality of data over time, to engender long term success. The proposed principles and concepts were applied within a case study. The conclusions drawn from this study contends that this research has unearthed new knowledge as to the means by which data quality improvements may be sustained within diverse enterprise planning and information systems.

Common sense tells us that cost cutting leads to saving, and spending should therefore be minimized. However, a little reflection tells us that this sometimes leads to false economies. In an organizational context, these can lead on to a downward spiral of organizational ‘suicide’. Examples of false economies may include: saving on maintenance; saving on research and development expenditure; saving on margins (waste or just-in-time management); and saving on ‘how’ we do things, as opposed to ‘what’ we do. Common sense cost cutting makes ‘how’ invisible, and only recognizes ‘what’. It is vital that we also remember to consider ‘why’ activities are undertaken. Professional competence implies not only skill/knowledge in a particular field, but also desire to apply that knowledge in accordance with certain values, and engagement with the context of application so that learning through reflection may take place. Professional work therefore includes scope for extra-role behaviour, such as suggesting innovative methods or identifying and developing new opportunities (Bednar and Welch, 2010). We suggest that a naïve pursuit of ‘efficiency’ is likely to constrict and curtail possibilities for extra-role behaviour, with disastrous consequences for the development and growth of the business. Creation of systems experienced as sustainable therefore requires us to focus attention on perceived usefulness, rather than efficiency.

In the past, the development of information systems (IS) for companies was mostly driven by experts from the information technology (IT) department. Up to today, the users’ experiences, valuation of usability and suggestions for improvements have become important components in the research and development (R&D) process in order to ensure efficiency, usability and sustainability of the IS. Many newly developed IS components do not fail in terms of usability and effectiveness due to a lack of advanced technology, but because of failure to understand the users’ needs. Living Labs - open innovation environments - offer a unique opportunity for IT departments to involve users at each stage of the R&D process.

The objective of this paper is to provide a conceptual framework for discussing the question to what extent the Living Lab methodology is able to overcome problems concerning the diffusion of IT. Therefore, major challenges will be deduced from factors that influence IT adoption: characteristics of the technological innovation, communication channels and social context. Afterwards, potentials of Living Labs for the diffusion of IT, i.e. to what extent this methodology is able to meet the major challenges, will be analyzed.

The formation of bodies like the World Summit on the Information Society (WSIS) and the incorporation of Information and Communication Technologies (ICTs) in the Millennium Development Goals (MDGs) have given birth to the importance of connectivity, thus putting the Internet on the national agenda of every nation in the world. Countries (especially developing nations) have started drafting their own broadband policies so as to be able to ‘quickly’ provide Internet access to ‘all’ their citizens and to be able to ‘immediately’ start ‘reaping’ the fruits provided by broadband. This paper, therefore, looks at this process in the Republic of South Africa - that is, the discourses around the formulation of the National Broadband Policy - in order to uncover possible distortions and misconceptions. Moreover, it also looks at the interactions that existed amongst the actors that were involved or were supposed to be involved in the policy formulation process. This is done by using Habermas’ Critical Discourse Analysis (CDA).

This research aims to explore factors responsible for successful implementation of ERP systems in Indian organizations. The paper also aims to explore the similarities and differences in ERP system adoption between locally-owned and multinational companies in India. The data was collected from 56 project managers and business analysts with ERP expertise from both locally-owned Indian and multinational companies. The findings suggest that Business Plan and Vision, Project Management and Top Management Support were perceived as the three most important factors responsible for successful implementation. The result revealed no significant differences between Indian and multinational companies, hence indicating that both types of firms undertake the ERP implementations in the same manner.

In this paper we study the adoption of Web 2.0 platforms. Existing theoretical approaches to understand the adoption of IT are critically re-examined for their applicability in the Web 2.0 domain. We find that the two basic assumptions of traditional approaches 1) the unit of analysis is a person and 2) the technology´s primary utility is personal, does not hold for Web 2.0 platforms. Instead, we argue, the appropriate unit of adoption is the social network and the utility stems mainly from collective use.