Quality and Knowledge Contributions of MISQ: A Citation Analysis

This study uses citation analysis to assess the quality of MIS Quarterly and compares this assessment to journals of other disciplines. The study also investigates the knowledge contributions of MIS Quarterly to the publications in both information systems and other disciplines. Some 3497 citations were made to 251 articles published in MIS Quarterly during 1989-1998. The study results show that the quality of MIS Quarterly is commensurate with its intended role as a general journal of the specialty IS area. MIS Quarterly ranks favorably when compared to specialty journals and respectably among general journals of specific disciplines. Moreover, most research appearing in MIS Quarterly is used by researchers in various disciplines and, thus, contributes to advancing the body of knowledge

Collaborative Learning with Web 2.0 Technology: Synchronicity Dimension

Web 2.0 technology provides an open platform to promote active users’ interaction and participation in anytime and anyplace, enabling knowledge creation, sharing, and transfer. Using grounded theory approach, this study examines how effective the online collaboration tool that employs Web 2.0 technology could enhance collaborative learning in a team-based environment in higher education. The study results discover that Web 2.0 collaboration tool lacks high synchronicity dimension. High synchronicity dimension of a communication channel is characterized by immediacy of feedback in support of attaining shared understanding, focus, and trust in team interaction. As learning is an outcome of interaction among team members who exchange ideas and share experiences to attain group solutions and bring about knowledge construction, the study suggests that Web 2.0 collaboration tool should include features supporting high synchronicity dimension

IT GOVERNANCE FRAMEWORK: ONE SIZE FITS ALL?

Most of the IT governance frameworks address information systems management in the corporate settings that support top-down management. However, this neglects some organizational settings in favor of bottom-up approach, such as, higher education. To close the gap, this study compares the management styles and organizational practices between higher education and banking industry to reveal the underlying factors that drive organizational security norms in both industries. The results reveal that higher education operates in an open environment that supports employee’s participation for policy compliance. On the other hand, top-down management enforces policies and facilitates employee’s participation for information security safeguard in the banking industry. Accordingly, this study suggests that a new paradigm of IT Governance framework (ITG) is necessary for addressing the unique culture of higher education. Additionally, IT governance can operate in a decentralized mode in the banking industry for encouraging employee’s participation in support of information policy compliance

Impact of External Pressures on Information Security Policy Compliance in the Banking Industry

There has been virtually no previous study discussing how external pressures impel banks to stay compliant. These external pressures could be a compelling force driving banks to comply. Hinged on the Neo-Institutional Theory (NIT), this study examines how the external pressures, namely, regulative, normative, and cognitive expectations, drive banks to comply. The research findings reveal that information security policy compliance in banking organizations is directly driven by normative expectation. Normative expectation encompasses the pressures of fulfilling social/moral obligation and conforming to the industry norms defined by the standardized information security mechanisms. Since the findings uncover that normative expectation is a significant force in the institution of banking, this study suggests drafting internal organizational policies to (1) meet normative expectation and (2) provide a new avenue for risk assessment based on the normative elements

A Tale of Two Cities: Information Security Policy Compliance of the Banking Industry in the United States and South Korea

This study compares the information security policy (ISP) compliance of the banking industry between the United States and South Korea. The distinctive differences of national culture between both nations has led to meaningful findings of ISP compliance at the organizational and individual levels. Drawing on the Cross Value Framework (CVF), this study conducted a survey and distributed questionnaires to the banking employees in the United States and South Korea. Our analysis results reveal that organizational cultures, namely, hierarchical and rational cultures, drive organizational norms in support of ISP compliance in the banking sectors in both nations. While organizational cultures demonstrate no direct effect on individual’s compliance among the banking employees in the United States, organizational cultures consisting of team, rational, and entrepreneurial cultures directly influence individual’s compliance in South Korean banking. Accordingly, this study suggests that common industry characteristics play a role in ISP compliance at the organizational level and that national culture may act as a moderator in ISP compliance at the individual level

A Cross Industry Study: Differences in Information Security Policy Compliance between the Banking Industry and Higher Education

This study adopts Neo-Institutional Theory (NIT) to address the underlying differences in information security policy compliance between the banking industry and higher education. Drawing on NIT, this study examines how regulative, normative, and cognitive expectations effect internal organizational efforts of staying compliant across both industries. Using Partial Least Square (PLS) method, the analysis results suggest that both industries rely on the interrelations between regulative and normative expectations to propel the organizational efforts of attaining compliance. However, the main difference lies within cognitive expectation. In the institution of higher education, cognitive expectation influences regulative expectation that subsequently drives information security policies compliance. On the other hand, cognitive expectation reflects on the regulatory pressure in the banking industry. Given these findings, this study provides suggestions to policy makers for promoting information security policy compliance across industries