Taxonomy of Technological IT Outsourcing Risks: Support for Risk Identification and Quantification

The past decade has seen an increasing interest in IT outsourcing as it promises companies many economic benefits. In recent years, IT paradigms, such as Software-as-a-Service or Cloud Computing using third-party services, are increasingly adopted. Current studies show that IT security and data privacy are the dominant factors affecting the perceived risk of IT outsourcing. Therefore, we explicitly focus on determining the technological risks related to IT security and quality of service characteristics associated with IT outsourcing. We conducted an extensive literature review, and thoroughly document the process in order to reach high validity and reliability. 149 papers have been evaluated based on a review of the whole content and out of the finally relevant 68 papers, we extracted 757 risk items. Using a successive refinement approach, which involved reduction of similar items and iterative re-grouping, we establish a taxonomy with nine risk categories for the final 70 technological risk items. Moreover, we describe how the taxonomy can be used to support the first two phases of the IT risk management process: risk identification and quantification. Therefore, for each item, we give parameters relevant for using them in an existing mathematical risk quantification model

TAXONOMY OF TECHNOLOGICAL IT OUTSOURCING RISKS: SUPPORT FOR RISK IDENTIFICATION AND QUANTIFICATION

The past decade has seen an increasing interest in IT outsourcing as it promises companies many economic benefits. In recent years, IT paradigms, such as Software-as-a-Service or Cloud Computing using third-party services, are increasingly adopted. Current studies show that IT security and data privacy are the dominant factors affecting the perceived risk of IT outsourcing. Therefore, we explicitly focus on determining the technological risks related to IT security and quality of service characteristics associated with IT outsourcing. We conducted an extensive literature review, and thoroughly document the process in order to reach high validity and reliability. 149 papers have been evaluated based on a review of the whole content and out of the finally relevant 68 papers, we extracted 757 risk items. Using a successive refinement approach, which involved reduction of similar items and iterative re-grouping, we establish a taxonomy with nine risk categories for the final 70 technological risk items. Moreover, we describe how the taxonomy can be used to support the first two phases of the IT risk management process: risk identification and quantification. Therefore, for each item, we give parameters relevant for using them in an existing mathematical risk quantification mode

COOPERATION MECHANISMS FOR MONITORING AGENTS IN SERVICE-ORIENTED ARCHITECTURES

The Service-Oriented Architecture paradigm (SOA), e.g., realized with Web Services technology, enables enterprises to establish cross-organizational, service-based workflows. An important issue is the monitoring of the fulfillment of Service Level Agreements (SLAs) which define the responsibilities between the participants. Recent research has shown that agent technology is a useful approach in this context. Thus, we present ways for agent cooperation on different levels of abstraction. This cooperation aims at monitoring workflows and especially to react to deviations in different scenarios of SLA violations

A Comparison of Self-Organization Mechanisms in Nature and Information Technology

Successful concepts of self-organization found in natural systems can enable enterprise information systems to address their complexity issues. In this paper, we propose an analysis of self-organization approaches found in natural sciences and information technology. Based on common classes both for application areas and mechanisms, these two fields are compared in order to identify successful concepts, which can be used for the adaptation in information systems research. For illustration purposes, we give a brief example for self-organization in the domain of Service-oriented Architectures, i.e., cooperation mechanisms for agents monitoring services

2011-09-22 Minutes of the Executive Committee of the Academic Senate

Approved minutes of a meeting of the Executive Committee of the Academic Senate of the University of Dayto

Educational Automatic Question Generation Improves Reading Comprehension in Non-native Speakers: A Learner-Centric Case Study

Background: Asking learners manually authored questions about their readings improves their text comprehension. Yet, not all reading materials comprise sufficiently many questions and many informal reading materials do not contain any. Therefore, automatic question generation has great potential in education as it may alleviate the lack of questions. However, currently, there is insufficient evidence on whether or not those automatically generated questions are beneficial for learners' understanding in reading comprehension scenarios. Objectives: We investigate the positive and negative effects of automatically generated short-answer questions on learning outcomes in a reading comprehension scenario. Methods: A learner-centric, in between-groups, quasi-experimental reading comprehension case study with 48 college students is conducted. We test two hypotheses concerning positive and negative effects on learning outcomes during the text comprehension of science texts and descriptively explore how the generated questions influenced learners. Results: The results show a positive effect of the generated questions on the participants learning outcomes. However, we cannot entirely exclude question-induced adverse side effects on learning of non-questioned information. Interestingly, questions identified as computer-generated by learners nevertheless seemed to benefit their understanding. Take Away: Automatic question generation positively impacts reading comprehension in the given scenario. In the reported case study, even questions recognized as computer-generated supported reading comprehension

Kontextbasierte Eventerkennung in der Logistik mit drahtloser Sensornetztechnologie

Eine lückenlose Echtzeitüberwachung von Logistikprozessen erlaubt es Events frühzeitig zu erkennen und auf diese angemessen zu reagieren und eröffnet das Potential Haftungsfragen leichter zu klären und Versicherungsprämien zu senken. Mittels drahtloser Sensornetz-technologie wird eine entsprechende Echtzeiterkennung von und -benachrichtigung über Events in Logistikprozessen möglich. Diese muss aber sowohl kosten- und energieeffizient als auch kundenorientiert realisiert werden. Im vorliegenden Beitrag wird hierzu das Konzept der „übertragungsrelevanten Events“ vorgestellt und zur konkreten Umsetzung ein Scoresheet-basiertes Verfahren entwickelt. Die Effizienz und Vorteilhaftigkeit dieses Verfahrens im Vergleich zu anderen Verfahren zur Eventerkennung und -benachrichtigung im Rahmen einer Echtzeitüberwachung von Logistikprozessen wird mittels Simulations-experimenten gezeigt

Revealing Business Relationships – Eavesdropping Cross-organizational Collaboration in the Internet of Services

The Internet of Services is envisioned as a global ServiceorientedArchitecture enabling collaboration across organizationalboundaries. However, by monitoring communicationendpoints, attackers can create detailed proles of serviceconsumers and providers even if typical security mechanismssuch as message encryption are used. In a businesscontext, this trac analysis threatens the relationshipanonymity of the participants and can reveal sensitive informationabout an organization\u27s underlying business processesor a service provider\u27s client base. In this paper, wediscuss the simulation-based evaluation of dierent attackscenarios regarding the identication of the service compositionsan organization uses. Thus, we oer insights regardingthe limits of anonymity for cross-organizational collaborationin the Internet of Services