IT Capabilities and Strategic Improvisation: A Multi-Method Investigation

Start-up organizations are disrupting previously stable industries with new business models. Existing organizations in these environments need to strategically improvise, that is develop the ability to rapidly seize opportunities, and without prior planning, creatively reconfigure their operational capabilities. As a dynamic capability, strategic improvisation (SI) requires three factors: real-time information, instantaneous communication and memory. We proposed that a well-developed information management capability (IMC), IT infrastructure flexibility (ITIF), and organizational memory (OM) facilitate SI. We analyzed results from a telephone survey of IT executives using two methods, variance-based PLS and set-theoretic qualitative comparative analysis (QCA). These methods provide a more complete understanding of the complex relationships among SI and IT capabilities such as IMC and ITIF. PLS findings confirm their enabling roles. QCA findings further indicate that these IT capabilities and OM play different, complementary roles in SI. Implications for research and practice are presented

Role of Digital Capabilities in Unleashing the Power of Managerial Improvisation

To address unexpected events rapidly and creatively, organizations increasingly need to rely on their ability for managerial improvisation. We identify two digital capabilities - a flexible IT infrastructure and a well-developed information management capability - that organizations can use to foster managerial improvisation and can leverage, depending on the type of unexpected event. Weak digital capabilities may limit the effectiveness of managerial improvisation, as may organizational structures and culture.Click here for free presentation slides (pdf

Implications of Organizational Governance on Cybersecurity Management: A Qualitative Study in Higher Education

Today’s digital organizations recognize the imperative of adopting a strategic approach to cybersecurity, acknowledging that managerial and behavioral processes, alongside technical measures, play a crucial role in ensuring organizational cybersecurity. Despite this understanding, the existing literature lacks clarity on the relationship between organizational governance and cybersecurity. Practical guidance is also limited on how different mechanisms of governance—structural, formal, and relational—can be leveraged to enhance an organization’s cybersecurity posture considering its overall governance model. To address this gap, we conducted interviews with 12 employees from a higher education institution. Our findings suggest a robust connection between organizational governance and cybersecurity management, revealing that cybersecurity strategy and behavior are influenced by the governance choices made within an organization. Our results highlight the significance of relational governance in a setting where it is challenging to impose rules and regulations due to the independence of organizational units and the autonomy of employees