Mitigating risk in computerized bureaucracy

This paper presents an important aspect of the pragmatic dimensions of mitigating the risks that stem from computerized bureaucracy, and thereby, preserving the organizational integrity of a firm. A case study is used to provide valuable insights into the mechanics of such mitigation. The case refers to the problematic implementation and use of a computerized reservation system in a large budget hotel in London, United Kingdom. Following the empirical findings, Ciborra’s notions of bricolage, improvisation and tinkering are examined as practical and useful ways of addressing the downsides of computerized bureaucracy

Is project management the new management 2.0?

This paper considers the evolving nature of project management (PM) and offers a comparison with the evolving nature of management generally. Specifically, we identify a number of management trends that are drawn from a paper that documents a proposed ‘Management 2.0’ model, and we compare those trends to the way in which PM is maturing to embrace the challenges of modern organizational progress.Some theoretical frameworks are offered that assist in explaining the shift from the historically accepted ‘tools and techniques’ model to a more nuanced and behaviorally driven paradigm that is arguably more appropriate to manage change in today’s flexible and progressive organizations, and which provide a more coherent response, both in PM and traditional management, to McDonald’s forces. In addition, we offer a number of examples to robustly support our assertions, based around the development of innovative products from Apple Inc. In using this metaphor to demonstrate the evolution of project-based work, we link PM with innovation and new product development.

New Challenges in Critical Infrastructures : A US Perspective

L'émergence d'un plus large spectre de vulnérabilités (terrorisme, sabotage, conflits locaux et catastrophes naturelles) et l'interdépendance croissante de l'activité économique rendent particulièrement vulnérables les grands réseaux vitaux des pays industrialisés. Pour y faire face, des actions importantes doivent être menées à une échelle nationale, en particulier par le développement de partenariats étroits entre le secteur public et la sphère privée.Cet article analyse l'initiative présidentielle lancée dès 1996 aux Etats-Unis -premier pays au monde à inscrire ces questions à l'agenda du plus haut niveau décisionnel- ainsi que la structure nationale de partenariats mis en place depuis lors. Une telle démarche pourrait constituer un point de départ pour d'autres pays désireux d'élaborer leur propre analyse de vulnérabilités et leur stratégie d'amélioration.Les événements du 11 septembre 2001, comme les attaques à l'anthrax, ont néanmoins montré que les avancées américaines ne constituaient qu'une première étape d'un processus plus global de préparation nationale; les infrastructures critiques des Etats-Unis demeurent hautement vulnérables. Enfin, plusieurs idées fausses, par trop souvent récurrentes, doivent être dépassées pour traiter beaucoup plus efficacement ces risques à grande échelle sur un plan international.Partenariats public-privé;Risques à grande échelle;Infrastructures critiques;Nouvelles vulnérabilites;Sécurité nationale;Préparation collective

Supporting community engagement through teaching, student projects and research

The Education Acts statutory obligations for ITPs are not supported by the Crown funding model. Part of the statutory role of an ITP is “... promotes community learning and by research, particularly applied and technological research ...” [The education act 1989]. In relation to this a 2017 TEC report highlighted impaired business models and an excessive administrative burden as restrictive and impeding success. Further restrictions are seen when considering ITPs attract < 3 % of the available TEC funding for research, and ~ 20 % available TEC funding for teaching, despite having overall student efts of ~ 26 % nationally. An attempt to improve performance and engage through collaboration (community, industry, tertiary) at our institution is proving successful. The cross-disciplinary approach provides students high level experience and the technical stretch needed to be successful engineers, technologists and technicians. This study presents one of the methods we use to collaborate externally through teaching, student projects and research

The duality of Information Security Management: fighting against predictable and unpredictable threats

Information systems security is a challenging research area in the context of Information Systems. In fact, it has strong practical implications for the management of IS and, at the same time, it gives very interesting insights into understanding the process of social phenomena when communication information technologies are deployed in organizations. Current standards and best practices for the design and management of information systems security, recommend structured and mechanistic approaches, such as risk management methods and techniques, in order to address security issues. However, risk analysis and risk evaluation processes have their limitations, when security incidents occur, they emerge in a context, and their rarity and even their uniqueness give rise to unpredictable threats. The analysis of these phenomena which are characterized by breakdowns, surprises and side-effects, requires a theoretical approach which is able to examine and interpret subjectively the detail of each incident. The aim of this paper is to highlight the duality of information systems security, providing an alternative view on the management of those aspects already defined in the literature as intractable problems and this is pursued through a formative context (Ciborra, Lanzara, 1994) that supports bricolage, hacking and improvisation.Information systems security is a challenging research area in the context of Information Systems. In fact, it has strong practical implications for the management of IS and, at the same time, it gives very interesting insights into understanding the process of social phenomena when communication information technologies are deployed in organizations. Current standards and best practices for the design and management of information systems security, recommend structured and mechanistic approaches, such as risk management methods and techniques, in order to address security issues. However, risk analysis and risk evaluation processes have their limitations, when security incidents occur, they emerge in a context, and their rarity and even their uniqueness give rise to unpredictable threats. The analysis of these phenomena which are characterized by breakdowns, surprises and side-effects, requires a theoretical approach which is able to examine and interpret subjectively the detail of each incident. The aim of this paper is to highlight the duality of information systems security, providing an alternative view on the management of those aspects already defined in the literature as intractable problems and this is pursued through a formative context (Ciborra, Lanzara, 1994) that supports bricolage, hacking and improvisation.Articles published in or submitted to a Journal without IF refereed / of international relevanc

An exploration of the construction industry's role in disaster preparedness, response and recovery

The construction industry’s role in reconstruction activities following disasters such as the Indian Ocean Tsunami, is well documented. In particular, post-disaster reconstruction has been the subject of a significant body of research, with particular emphasis on developing countries that are less able to deal with the causes and impacts of disasters. There is, however, growing recognition that the construction industry has a much broader role to anticipate, assess, prevent, prepare, respond and recover from disruptive challenges. Advocates suggest construction professionals have a key role to play because they are involved in the construction of the infrastructure, and therefore should also be involved when an event destroys that infrastructure. They also suggest that the construction professions are in the best position to frame the discussion of the costbenefit trade-offs that occur in the risk management process; for example, the need for risk avoidance against the cost of implementing safety strategies. This exploratory paper considers the need for a more expansive view of the life cycle of infrastructure projects: one that extends beyond the traditional cycle of feasibility analysis, planning, design, construction, operation, maintenance and divestiture. This revised life cycle considers the construction professional’s ability to anticipate and respond to events, such as the Indian Ocean Tsunami, which damage or destroy an infrastructure project and reflects the construction industry’s ongoing responsibility toward an infrastructure’s users

A Framework for Managing Predictable and Unpredictable Threats: The Duality of Information Security Management

Information systems security is a challenging research area in the context of Information Systems. In fact, it has strong practical implications for the management of IS and, at the same time, it gives very interesting insights into understanding the process of social phenomena when communication information technologies are deployed in organizations. Current standards and best practices for the design and management of information systems security, recommend structured and mechanistic approaches, such as risk management methods and techniques, in order to address security issues. However, risk analysis and risk evaluation processes have their limitations, when security incidents occur, they emerge in a context, and their rarity and even their uniqueness give rise to unpredictable threats. The analysis of these phenomena which are characterized by breakdowns, surprises and side- effects, requires a theoretical approach which is able to examine and interpret subjectively the detail of each incident. The aim of this paper is to highlight the duality of information systems security, providing an alternative view on the management of those aspects already defined in the literature as intractable problems and this is pursued through a formative context (Ciborra, Lanzara, 1994) that supports bricolage, hacking and improvisation

Digital Operational Resilience: The Role of Non-routine Responses in Crisis Situations

This study focuses on digital operational resilience (DOR) to ensure the stability of increasingly integrated digital services, which is currently receiving heightened attention due to ongoing environmental crisis situations. Researchers often relate DOR to planning and preparation activities, such as business continuity or disaster recovery planning. However, some types of organisations – such as scale-ups – tend to lack elaborate plans for crisis situations, mainly driven by their rapid growth and resource constraints. Such firms seem to regularly engage in non-routine responses to overcome sudden disruptions, namely heuristics (i.e., swift decisions) and improvisation (i.e., swift actions). We present preliminary results of an in-depth case study demonstrating how a FinTech scale-up applied heuristics and improvisation for its crisis response. We show how the consequences of such non-routine responses go beyond immediate crisis resolution, incurring either negative effects that need to be managed (coping debt) or opportunities to be leveraged (new/revised business processes)

Shifting boundaries and new technologies: a case study in the UK banking sector.

This paper describes case study based research on the use of innovative computer-based decision support systems introduced into corporate lending processes in a major UK bank. It describes how the new technology was implicated in shifting boundaries: within the sector as a whole and in specific organizational de-layering; between local/global dimensions of the loans process; and in the status of expertise and personal/professional risk. The case study is connected to broader debates in IS and social transformation through an analysis that relates aspects of the empirical material to themes from social theories of reflexive modernization. Some implications and conclusions are drawn for both the banking sector and IS research.

Sensemaking and improvisation in the presence of protocols: the empirical case of pre-hospital assistence professionals

This study builds on successful episodes of improvisation in the prehospital emergency context to investigate how protocols can be articulated with unexpected events. An inductive approach shows that it is crucial for the flexible treatment of protocols to confront the disparity among mental models and the reality presented. Prehospital care practitioners accomplish this through benefit and harm assessment, risk assessment and resources attributes processes. Different types of unexpected events reflect in different improvisational processes: re-evaluation of cognitive resources, unrelated knowledge sources and re-interpretation of resources. Experience, resources, contextual factors and other operators are important factors in the decision process