IT strategy Implementation Framework – Bridging Enterprise Architecture and IT Governance

It’s increasingly acknowledged that firms cannot be competitive if their IT strategies are not implemented methodically. A number of proposals have been made to prioritize strategic IT plan executions and determine the most appropriate models and architectures. While IT governance primarily focuses on day-to-day IT operations, enterprise architecture primarily focuses on designing the future state of architecture in support of business. Despite still being a major concern for business and IT executives, there is little published research that bridges both and therefore attempts to give methodological support from a holistic perspective. Additionally it seems that governance needs to be investigated in terms of implementing IT strategies on different levels of abstraction. This article therefore proposes a framework to analyze institutions and guide ITstrategy implementation in order to analyze, monitor and control the desired results. Due to the underlying theories and applied interviews the model is potentially generalizable

PARADIGMS AND INFORMATION SYSTEMS AS AN APPLIED DISCIPLINE – A MODEL-BASED REPRESENTATION, PROBLEMS, AND SUGGESTED SOLUTIONS

Information Systems Discipline (ISD) is dominated by the two contrary paradigms of design science on the one hand and behavioral science on the other. Apart from that, research results are considered more or less relevant for practice depending on the respective paradigm. Conclusively, research communities following the paradigms are partly incompatible while, due to the notion of relevance for practice, the exchange between science and practice is hampered. Various “disconnects” hindering the collaboration both between design science and behavioral science and between science and practice emerged due to this. These aspects will be described and represented within a model-based analysis of the situation while suggestions from ISD literature on the topic will be presented and discussed. Considering that comparable challenges have recently been faced in the field of medicine, Evidence-based Medicine (EbM) emerged as a new paradigm to solve similar problems and is now well-established. We will present and discuss some attempts to transfer the evidence-based research approach from medicine and how they may apply to the equally application-oriented field of Information Systems

Identification of Business Services Literature Review and Lessons Learned

Business-driven identification of services is a precondition for a successful implementation of service-oriented architectures (SOA). This article compares existing identification methods retrieved from related work and discusses the shortcomings. In particular, a lack of economic aspects constitutes a problem and leaves space for improvements. Finally, the paper proposes a process-oriented method of service identification. This approach incorporates the business point of view, strategic and economic aspects as well as technical feasibility

Model Driven Information Security Management - Evaluating and Applying the Meta Model of ISO 27001

Information technology has had a significant impact on business operations and allowed the emergence of new business models. These IT-enabled processes and businesses however depend on secure information systems which need to be managed. The management of information systems security (ISS) is a highly dynamic and complex task due to constant change in the information technology domain. In this paper we propose the use of a meta model to aid ISS managers in setting up a holistic information security management system (ISMS). For this we describe how an adapted meta model of ISO 27001, a security standard for ISMS, can be used to aid with general phases of ISS management. We demonstrate how models can support ISS managers in their endeavors. The paper concludes with a pragmatic evaluation by providing an example of how such a meta model can be operationalized for vulnerability identification, before discussing potential future research

Evidence-Based Structuring and Evaluation of Empirical Research in Requirements Engineering - Fundamentals, Framework, Research Map

The objective of the contribution is to develop and motivate an approach of structuring, evaluating, and representing empirical research results regarding requirements engineering. Therefore, the authors develop a framework in order to organize the area of interest. The use of this framework and an evidence-based classification system allows us to develop a research map which helps to structure identified empirical research while enabling the derivation of further research needs. Additionally, it supports the selection of methods, techniques, etc. in requirements engineering practice

Systematic Review and Meta-Analysis of IS Security Policy Compliance Research. First Steps towards Evidence-Based Structuring of the IS Security Domain

Given the short supply of empiricism in ISS research, existing empirical evidence needs to be processed further than the scope of a single paper may allow. Other fields of science have long recognized the need for higher level analyses of research results in order to make them accessible to practitioners and develop a knowledge base. In our paper we perform an exhaustive literature research in the realm of empirical ISS research. As one of the recent research hotspots, we perform a systematic review of research results in Information Security Policy (ISP) compliance. We analyze and discuss the heterogeneity of research results and suggest a presentation format that may allow ISS practitioners to base their ISP design decisions on

Combining System Dynamics and Multidimensional Modelling - A Metamodel Based Approach

Online analytical processing (OLAP) as a modern business intelligence (BI) concept provides support for representing vast amounts of data for supporting management‟s decisions. Though, there is no inherent support for the representation of causal structures which could provide a foundation for advanced analysis like what-if or scenario techniques. System Dynamics (SD) is an approach with a long tradition used for modelling and simulation of complex systems, which could provide a causal complement for OLAP. This paper aims at integrating OLAP and SD on a linguistic level. Therefore linguistic metamodels of the corresponding conceptual modelling languages are derived and related towards each other, creating a translational relationship between the languages

KONZEPTIONELLE METAMODELLE VON IT-GOVERNANCE-REFERENZMODELLEN ALS BASIS DER KOMBINATION UND INTEGRATION IN EINER MULTI-MODELL-UMGEBUNG

In jüngster Zeit steht zur methodischen Unterstützung der Aufgaben der Unternehmens-IT eine stetig wachsende Anzahl von Referenzmodellen zur Verfügung. Aus verschiedenen Gründen können diese Referenzmodelle immer seltener isoliert voneinander betrachtet und eingesetzt werden. Vielmehr wird es für die IT-Abteilungen zu einer Herausforderung, das Zusammenspiel in einer „Multi-Modell-Umgebung“ [29] aktiv zu gestalten, um mit dieser Heterogenität umzugehen, bspw. weil die Modelle in Teilen redundante Anwendungsbereiche haben, Unterschiede hinsichtlich der zugrundeliegenden Sprachwelten aufweisen und auf verschiedenen Prinzipien beruhen. In der Praxis sind Vorschläge entwickelt worden, Modelle direkt ineinander abzubilden („Mapping“). Dieser Ansatz weist jedoch verschiedene Probleme auf. Als eine weitergehende und methodisch fundierte Art, mit den genannten Herausforderungen umzugehen, wird die Metamodellierung angesehen, durch die die genannten Modelle auch auf Ebene ihrer Komponenten und Strukturen analysiert, verglichen und integriert werden können