Internal auditors, managers and the framing of continuous monitoring: A case study of an Australian Wholesale company

Recent technological advances, compliance imperatives and trends in governance and risk management have renewed attention and increased demand for continuous assurance (CA) and continuous monitoring (CM) more specifically. Whilst these areas have a history spanning close to three decades, significant uncertainty remains about how CM may be effectively implemented at a theoretical and practical level, with limited empirical based studies. The aim of this paper is to report on a case study of an implementation of CM in an Australian wholesale company. Broadly, a social constructionist of technology (SCOT) perspective is adopted and the implementation process is explored as a sociology of translation. Within this research framework a technological frames analysis is employed to examine auditors’ and managers’ understanding and experiences of CM, the meanings assigned by them, and how this influences their actions related to its implementation and use. Implications for further research and practice are considered

Differences In Chronic Pain Prevalence Between Men And Women At Mid-Life: A Systematic Review Protocol

BACKGROUND: Epidemiological literature has revealed differences in chronic pain (CP) prevalence in men and women. Women have been found to be more likely to develop CP compared to men at different points of the life-course, such as childhood and old age. Less is known about differences in prevalence by sex during mid-life. While CP is most prevalent later in life, biological and physical changes in mid-life may predispose to an earlier differentiation in CP distribution – for example due to the menopause. The aim of this study is to describe the prevalence of CP at midlife in men and women, and to identify how these differences relate to results pertaining to other periods in the life-course. METHODS: This systematic review follows PRISMA guidelines. An electronic search will identify appropriate studies in the following databases: MEDLINE, to be accessed through Web of Science; and EMBASE, AMED and PSYCHinfo to be accessed through OVID. Two reviewers will independently screen each title and abstract and subsequently each full text following the inclusion criteria outlined in this protocol. The reference lists of eligible papers will also be screened to identify any further eligible studies. Any inconsistencies between reviewer decisions will be resolved through discussion. Studies eligible for data extraction will report estimates of CP prevalence, of prevalence for each sex, and difference in prevalence between sexes. Two reviewers will conduct data extraction using a standardised data extraction form. Quality assessment will be conducted using a risk of bias assessment tool for prevalence studies. The findings will be reported in a narrative synthesis and will comment on expected heterogeneity, following the Social Research Council Methods Programme guidelines. A random effects meta-analysis will be conducted where the reviewers can justify combining results. DISCUSSION: This review will summarise the prevalence of CP in men and women at mid-life, based on existing evidence. It is expected that the results will identify gaps in knowledge and areas for further research

Governance, risk and compliance (GRC): Conceptual muddle and technological tangle

The concepts of governance, risk and compliance are not new. However, the label ‘GRC’ has more recently gained traction in research and practice. Given the growing interest in GRC it is timely and important to reflect upon developments, as the literature is now peppered with a wide array of views to the extent that the term risks being misunderstood in theory and practice. This paper summarises and critiques the GRC literature for the purpose of revealing: the diversity of ambitions, assumptions and ambiguities that require questioning in conflations of governance, risk and compliance; and gaps in present research agendas. Grounding our argument on the critique of the literature we open up discussion of alternative perspectives and identify their possible contribution to the study of GRC. Moreover we argue that Latour’s (2005) concept of ‘panorama’ has the potential to fruitfully broaden the notion of GRC

THINKING ABOUT IDENTITIES OF INFORMATION PROFESSIONALS: EXPLORING THE CONCEPT OF INTERSECTIONALITY

The changing information landscape is recasting the role of information managers as strategic leaders advising on business competitiveness and advocating organizational change. However there is considerable uncertainty as to how these roles are being interpreted and the extent to which this impacts upon professional identity. Recently there has been an emerging awareness in IS research of the need to further explore identity issues in organisations. The aim of this paper is to report on the first stage of a research project that is examining how the identities of information professionals, specifically information managers, are constructed as it has received limited attention in theory and practice. Further, we explore the concept of intersectionality as an analytic approach that simultaneously considers the effects of different social memberships at multiple levels in the identity formation process

Course Design Principles to Support the Learning of Complex Information Infrastructures

This paper presents an integrated, learning-centred course design for studying the complex, rapidly changing information infrastructures underpinning organisations and society. Students need to develop an agile, critical mindset in order to influence and be influenced by these socio-technical systems in ways which enhance information management, control and innovation. There are several challenges to developing this mindset. Students and technology vendors often expect technical training and current educational materials reinforce this approach. A silo-based structure to most degrees exacerbates the problem. The complexity of context and rapidity of change often get lost in the mix. This paper addresses these problems and makes two contributions. It models an information infrastructure as a complex adaptive system (CAS) with particular characteristics. It suggests design principles to support the learning of complex information infrastructures by extending the learning context in Whetten’s learning-centred course design. An educational ecosystem, supported by integrated case studies underpins this design

Managing Information Risks and Protecting Information Assets in a Web 2.0 Era

The growth in volume of digital information arising from business activities presents organisations with the increasingly difficult challenge of protecting their information assets. Failure to protect such information opens up a range of new business risks. The increase in externally hosted services and social networking tools also adds a new layer of complication to achieving information protection. Prior research has recognised the need for a socio-organisational view of information protection, shifting the emphasis from a narrowly defined technical concern to an enterprise-wide, business-led responsibility encompassing strategic and governance issues. We argue that this shift is important but not enough and that greater attention should be given to understanding the nature and complexities of digital business information. In this paper we examine the extent to which existing frameworks for information protection are structured to account for changes in the information environment. Our findings indicate that whilst these frameworks address the need to adopt a broader social and organisational perspective there remain a number of significant limitations in terms of the way the information is treated. To address these limitations we propose a more co-ordinated and information-centric approach to information protection