Farm/IT - Mein Entscheidungshilfeassistent in der Fruchtfolgeplanung

Farm/IT ist ein Fruchtfolgeplanungstool. Es erstellt Fruchtfolgen unter Berücksichtigung der Nutzerpräferenzen und liefert ökonomische und agronomische Daten. Es eröffnet neue Denkansätze, um die eigenen Fruchtfolgen genauer unter die Lupe zu nehmen

A Multi-Theoretical Literature Review on Information Security Investments using the Resource-Based View and the Organizational Learning Theory

The protection of information technology (IT) has become and is predicted to remain a key economic challenge for organizations. While research on IT security investment is fast growing, it lacks a theoretical basis for structuring research, explaining economic-technological phenomena and guide future research. We address this shortcoming by suggesting a new theoretical model emerging from a multi-theoretical perspective adopting the Resource-Based View and the Organizational Learning Theory. The joint application of these theories allows to conceptualize in one theoretical model the organizational learning effects that occur when the protection of organizational resources through IT security countermeasures develops over time. We use this model of IT security investments to synthesize findings of a large body of literature and to derive research gaps. We also discuss managerial implications of (closing) these gaps by providing practical examples

Information Security Investments: An Exploratory Multiple Case Study on Decision-Making, Evaluation and Learning

The need to protect resources against attackers is reflected by huge information security investments of firms worldwide. In the presence of budget constraints and a diverse set of assets to protect, organizations have to decide in which IT security measures to invest, how to evaluate those investment decisions, and how to learn from past decisions to optimize future security investment actions. While the academic literature has provided valuable insights into these issues, there is a lack of empirical contributions. To address this lack, we conduct a theory-based exploratory multiple case study. Our case study reveals that (1) firms’ investments in information security are largely driven by external environmental and industry-related factors, (2) firms do not implement standardized decision processes, (3) the security process is perceived to impact the business process in a disturbing way, (4) both the implementation of evaluation processes and the application of metrics are hardly existent and (5) learning activities mainly occur at an ad-hoc basis