Fit for Purpose Enterprise Architecture

Today’s enterprises are confronted with an ever-changing environment demanding continuous (digital) transformation. Currently enterprise architects tend to guide these changes with so called \u27one size fits all\u27 architectural approaches. However, tuning such approaches to a variety of change situations is difficult. There is a call for a more flexible instrument among practitioners that is designed to be tailored to the context of a specific situation. Such fit for purpose enterprise architecture approaches have the potential to play a key role in the current times of digital transformation. In this paper we present the first steps towards a situational enterprise architecture approach that is based on differentiating between subsystems within organizations, by defining which characteristics of subsystems are relevant to determining the correct enterprise architecture approach

Framing China: Transformation and Institutional Change

The paper offers a frame for investigating the extent to which decentralisation, and subsequent locally chosen institutions shape private organisational and institutional innovation. To include the numerous locally based “economic regimes†matters as the resulting business system reflects political institution setting and private organisational innovation. Such a frame is a necessary first step for empirical studies attempting to explain the heterogeneity of China’s business systems, the emergence of hybrid organisations, and last but none the least, the different growth rates that can be observed across China.Transition Economy;Institutional Change in China;Private Business Sector

BUILDING SITUATIONAL AWARENESS IN THE AGE OF SERVICE ECOSYSTEMS

We discuss the little-explored construct of situational awareness, which will arguably become increasingly important for strategic decision-making in the age of distributed service ecosystems, digital infrastructures, and microservices. Guided by a design science approach, we introduce a mapping artefact with the ability to enhance situational awareness within, and across, horizontal value chains, and evaluate its application in the field amongst both IS practitioners and IS researchers. We make suggestions for further research into both construct and artefact, and provide insights on their use in practice

Factors Influencing the Adoption of Cloud Incident Handling Strategy: A Preliminary Study in Malaysia

This study seeks to understand the factors influencing the adoption of an incident handling strategy by organisational cloud service users. We propose a conceptual model that draws upon the Situation Awareness (SA) model and Protection Motivation Theory (PMT) to guide this research. 40 organisational cloud service users in Malaysia were surveyed. We also conduct face-to-face interviews with participants from four of the organisations. Findings from the study indicate that four PMT factors (Perceived Vulnerability, Self-Efficacy, Response Efficacy, and Perceived Severity) have a significantly influence on the adoption of cloud incident handling strategy within the organisations. We, therefore, suggest a successful adoption cloud incident handling strategy by organisational cloud service users involves the nexus between these four PMT factors. We also outline future research required to validate the model

Platform Architectures: The Structuration of Platform Companies on the Internet

Today's internet is shaped largely by privately operated platforms of various kinds. This paper asks how the various commercially operated communication, market, consumption and service platforms can be grasped as a distinct organizational form of enterprise. To this end, we make a basic distinction between (1) the platform-operating companies as organizing and structuring cores whose goal is to run a profitable business, and (2) the platforms belonging to these companies as more or less extensive, rule-based and strongly technically mediated social action spaces. While platform companies are essentially organizations in an almost archetypical sense, the internet platforms they operate constitute socio-technically structured social, market, consumption or service spaces in which social actors interact on the basis of detailed and technically framed rules, albeit, at the same time, in a varied and idiosyncratic manner. The thesis of this paper is that the coordination, control and exploitation mechanisms characteristic of the platform architectures are characterized by a strong hierarchical orientation in which elements of co-optation and the orchestrated participation of users are embedded. In this hybrid constellation, the platform companies have a high degree of structure-giving, rule-setting and controlling power - in addition to exclusive access to the raw data material generated there. While this power may manifest, at times, as rigid control, direct coercion or en-forceable accountability, for the majority of rule-obeying users it unfolds nearly imperceptibly and largely silently beneath the surface of a (supposed) openness that likewise characterizes the platforms as technically mediated spaces for social and economic exchange

Design science research towards resilient cyber-physical eHealth systems

Most eHealth systems are cyber-physical systems (CPSs) making safety-critical decisions based on information from other systems not known during development. In this design science research, a conceptual resilience governance framework for eHealth CPSs is built utilizing 1) cybersecurity initiatives, standards and frameworks, 2) science of design for software-intensive systems and 3) empowering cyber trust and resilience. According to our study, a resilient CPS consists of two sub-systems: the proper resilient system and the situational awareness system. In a system of CPSs, three networks are composed: platform, software and social network. The resilient platform network is the basis on which information sharing between stakeholders could be created via software layers. However, the trust inside social networks quantifies the pieces of information that will be shared - and with whom. From citizens’ point of view, eHealth is wholeness in which requirements of information security hold true. Present procedures emphasize confidentiality at the expense of integrity and availability, and regulations/instructions are used as an excuse not to change even vital information. The mental-picture of cybersecurity should turn from “threat, crime, attack” to “trust” and “resilience”. Creating confidence in safe digital future is truly needed in the integration of the digital and physical world’s leading to a new digital revolution. The precondition for the exchange of information “trust” must be systematically built at every CPS’ level. In health sector, increasingly interconnected social, technical and economic networks create large complex CPSs, and risk assessment of many individual components becomes cost and time prohibitive. When no-one can control all aspects of CPSs, protection-based risk management is not enough to help prepare for and prevent consequences of foreseeable events, but resilience must be built into systems to help them quickly recover and adapt when adverse events do occur.Most eHealth systems are cyber-physical systems (CPSs) making safety-critical decisions based on information from other systems not known during development. In this design science research, a conceptual resilience governance framework for eHealth CPSs is built utilizing 1) cybersecurity initiatives, standards and frameworks, 2) science of design for software-intensive systems and 3) empowering cyber trust and resilience. According to our study, a resilient CPS consists of two sub-systems: the proper resilient system and the situational awareness system. In a system of CPSs, three networks are composed: platform, software and social network. The resilient platform network is the basis on which information sharing between stakeholders could be created via software layers. However, the trust inside social networks quantifies the pieces of information that will be shared - and with whom. From citizens’ point of view, eHealth is wholeness in which requirements of information security hold true. Present procedures emphasize confidentiality at the expense of integrity and availability, and regulations/instructions are used as an excuse not to change even vital information. The mental-picture of cybersecurity should turn from “threat, crime, attack” to “trust” and “resilience”. Creating confidence in safe digital future is truly needed in the integration of the digital and physical world’s leading to a new digital revolution. The precondition for the exchange of information “trust” must be systematically built at every CPS’ level. In health sector, increasingly interconnected social, technical and economic networks create large complex CPSs, and risk assessment of many individual components becomes cost and time prohibitive. When no-one can control all aspects of CPSs, protection-based risk management is not enough to help prepare for and prevent consequences of foreseeable events, but resilience must be built into systems to help them quickly recover and adapt when adverse events do occur

Enterprise Architecture Management: Toward a Taxonomy of Applications

Despite the growing interest in enterprise architecture management, researchers and practitioners lack a shared understanding of its applications in organizations. Building on findings from a literature review and eight case studies, we develop a taxonomy that categorizes applications of enterprise architecture management based on three classes of enterprise architecture scope. Organizations may adopt enterprise architecture management to help form, plan, and implement IT strategies; help plan and implement business strategies; or to further complement the business strategy-formation process. The findings challenge the traditional IT-centric view of enterprise architecture management application and suggest enterprise architecture management as an approach that could support the consistent design and evolution of an organization as a whole

Evaluation of the usability of a new ITG instrument to measure hard and soft governance maturity

IT governance (ITG) has stayed a challenging matter for years. Research suggests the existence of a gap between theoretical frameworks and practice. Although current ITG research is largely focused on hard governance (structure, processes), soft governance (behavior, collaboration) is equally important and might be crucial to close the gap. The goal of this study is to evaluate the usability of a new ITG maturity instrument that covers hard and soft ITG in detail. We conducted ten case studies and evaluated the instrument positively on usability; but feedback also revealed that the assessment questions needed improvements. We demonstrate that combining the instrument with structured interviews results in an enhanced and usable instrument to determine an organization’s current level of hard and soft ITG. We conclude that this new instrument demonstrates a way to reduce the mismatch between ITG maturity theory and practice

AN INSTITUTIONAL FRAMEWORK FOR ANALYZING ORGANIZATIONAL RESPONSES TO THE ESTABLISHMENT OF ARCHITECTUAL TRANSFORMATION

The need for constant transformation of enterprises is omnipresent. A discipline that has been proposed to support the coordination of enterprise transformation is Enterprise Architecture Management (EAM) which has grown to a mature discipline in academia and practice. However, it can be observed in practice that it still is a challenge to introduce such an architectural coordination approach for supporting enterprise transformation. This may be due to the reason that the institutional context of EAM is only little understood, that is, the interplay between the pressures EAM exerts on the organisation and the response strategies of this organisation. The paper reviews existing work on institutional theory and confirms by means of a case study that the institutional factors of cause, constituents, content, control, and context are not only relevant for EAM but may be consistently linked to response strategies of acquiesce, compromise, avoid, defy, and manipulate. Moreover the case study implies to add additional institutional factors for EAM, namely trust and participation