While security professionals have long talked about risk, moving an organization from a “security” mindset to one that thoughtfully considers information risk is a challenge. Managing information risk means building risk analysis into every business decision. In this panel, we will discuss how CISOs are working to move the conversation from security towards information risk. In particular, we w...

In order to explain how DIYbio knowledge and expertise is developed and shared the use of Practice Theory will help us gain a useful understanding of how working practices are sustained, reproduced and potentially changed. In addition, the development and sharing of thick, evocative, rich descriptions of these practices might contribute to the motivational knowledge of DIYbio practitioners.

Employees and/or functional managers increasingly adopt and use IT systems and services that the IS management of the organization does neither provide nor approve. To effectively counteract such shadow IT in organizations, the understanding of employees’ motivations and drivers is necessary. However, the scant literature on this topic primarily focused on various governance approaches at firm ...

While cloud computing is becoming a mainstream IT sourcing option, especially large companies struggle with the internal governance of cloud and the issue of shadow IT. This study takes a technological frames perspective to contrast the knowledge and expectations that business versus IT stakeholders have regarding cloud IT. Our interview data from 20 business and IT managers display the incongr...

This paper deals with simulation modeling of the vessel traffic in Delaware River. The purpose is to study the impact of deepening on the navigational efficiency in the River. In this regard, vessel calls to terminals, lightering and barge operations, tidal and navigational rules in the River, terminal and anchorage properties as well as vessel profiles are considered in the model. The simulati...

The economic relevance of IT risks is increasing due to various operational, technical as well as regulatory reasons. Increasing flexibility of business processes and increasing dependability on IT require continuous risk assessment, challenging current methods for risk management. Extending IT risk management by a business process-oriented view is a promising approach for taking the occurring ...

This paper is an analysis of how Norwegians use television and the Internet in their leisure time. It sets up a taxonomy using the degree of engagement in the mediated information on one axis and the degree of sociability on the other. Within this matrix one can examine the similarities and differences between the two media and also differences between the generations. The analysis is based on ...

Although managing information technology (IT) risks is widely regarded as a critical in organizations, stakeholders often question the value provided by IT risk management (ITRM) to an organization. Organizational research suggests the concept of ‘enabling formalization’ to design highly formalized organizational processes. Processes like IT-RM that are designed in an enabling way support organ...

IT security issues and outsourcing of business processes are common but largely disjoint themes in the literature; common consideration is rare even though information security risk becomes a shared risk both through IS-based processes at outsourcing partners and potentially tightly-integrated IS systems. This paper explores this lack of an integrated model combining IT risk management view wit...