450,716 research outputs found
Recommended from our members
Implementing section 404 of the sarbanes oxley act: Recommendations for information systems organizations
Section 404 of the Sarbanes Oxley (SOX) Act addresses the effectiveness of internal controls,
which in most organizations are either fully or partially automated due to the pervasiveness
and ubiquity of information technologies. Significant or material control deficiencies have to be
reported publicly. The adverse impact on organizations declaring deficiencies can be severe, for
example, damage to reputation and/or market value. While there are many practitioner-led manuals
and methods for dealing with 404, there has been little published in the academic research
literature investigating the role of Information Systems organizations in implementing Section
404. The paper addresses this gap in knowledge. We used institutional theory as the lens through
which to examine the experiences of Section 404 implementation in three global organizations.
We used the case study method and an abductive strategy to gather and analyze data respectively.
Our findings are summarized in six recommendations. We found that institutional pressures play
a critical role in the implementation of Section 404. In particular, organizations face coercive
pressure to achieve Section 404 compliance, without which punitive sanctions can be imposed by
regulators. Organizations tend to imitate one another in the methods they use so that each is perceived
to be in line with their competitive environment. Organizations face normative pressures to
act in ways that are socially acceptable, which is to achieve compliance. Failure to do so would
be a signal to the market that the organization does not take controls seriously. We expand these
findings in terms of power and influence tactics that IS organizations can use when implementing
Section 404. Our findings provide directions for practice and lines of enquiry for further research
Research Agenda for Studying Open Source II: View Through the Lens of Referent Discipline Theories
In a companion paper [Niederman et al., 2006] we presented a multi-level research agenda for studying information systems using open source software. This paper examines open source in terms of MIS and referent discipline theories that are the base needed for rigorous study of the research agenda
A Research Agenda for Studying Open Source I: A Multi-Level Framework
This paper presents a research agenda for studying information systems using open source software A multi-level research model is developed at five discrete levels of analysis: (1) the artifact; (2) the individual; (3) the team, project, and community; (4) the organization; and (5) society. Each level is discussed in terms of key issues within the level. Examples are based on prior research. In a companion paper, [Niederman, et al 2006], we view the agenda through the lens of referent discipline theories
Aerospace bibliography, fifth edition
Bibliography of references, periodicals, and educational materials related to space fligh
Password Cracking and Countermeasures in Computer Security: A Survey
With the rapid development of internet technologies, social networks, and
other related areas, user authentication becomes more and more important to
protect the data of the users. Password authentication is one of the widely
used methods to achieve authentication for legal users and defense against
intruders. There have been many password cracking methods developed during the
past years, and people have been designing the countermeasures against password
cracking all the time. However, we find that the survey work on the password
cracking research has not been done very much. This paper is mainly to give a
brief review of the password cracking methods, import technologies of password
cracking, and the countermeasures against password cracking that are usually
designed at two stages including the password design stage (e.g. user
education, dynamic password, use of tokens, computer generations) and after the
design (e.g. reactive password checking, proactive password checking, password
encryption, access control). The main objective of this work is offering the
abecedarian IT security professionals and the common audiences with some
knowledge about the computer security and password cracking, and promoting the
development of this area.Comment: add copyright to the tables to the original authors, add
acknowledgement to helpe
Recommended from our members
Meter Scoping Study
This report presents a summary of metering technology and cost information from past studies in an attempt to identify key barriers to more widespread implementation
- …