266 research outputs found

    Power Issues in G2G E-Government Applications

    This paper addresses a type of wicked problem in the design of information systems in the context of G2G e-Government information systems. These problems, called power issues, have all of the characteristics of wicked problems; however, they are differentiated from them because their roots are based in power. The Power Perspectives Framework from Bradshaw-Camball and Murray is utilized in the context of these G2G systems to provide a framework for the identification and classification of power issues and Courtney’s DSS paradigm is extended to assist in resolving them by incorporating the power perspective into the methodology

    IS Security Requirements Identification from Conceptual Models in Systems Analysis and Design: The Fun & Fitness, Inc. Case

    This teaching case introduces students to a relatively simple approach to identifying and documenting security requirements within conceptual models that are commonly taught in systems analysis and design courses. An introduction to information security is provided, followed by a classroom example of a fictitious company, Fun & Fitness, in the process of updating its e-Commerce site for class registrations. The case illustrates how UML class diagrams can be used for information classification, data input validation, and regulatory compliance considerations; how a UML use case diagram can be transformed into a “misuse case” diagram to identify threats and countermeasures to functional use cases; and how a data flow diagram may be used to analyze and document threats and countermeasures to data stores, data flows, processes, and external entities using the STRIDE approach developed by Microsoft. The case is geared toward a systems analyst who does not have former training in IS security, and is suitable for upper-division undergraduate and graduate courses

    Resiliency as an Outcome of Security Training and Awareness Programs

    The authors seek to understand the relationship between the outcomes of traditional Security Education Training & Awareness (SETA) programs, which have been popular in Information Systems (IS) as a mechanism to protect users from cybercrime. The issue is that most SETA programs in IS change at a pace much slower than the pace of cybercriminal tactics. Therefore, the authors propose viewing SETA outcomes through the lens of the psychological concept of resiliency. This paper proposes a model that extends reputable resiliency theories and models to the field of IS Security

    Mindful Administration of IS Security Policies

    Managers of information systems have ethical, moral and legal obligations to protect their organization’s intellectual property. They often look to frameworks such as the Control Objectives for Information and related Technology (CobIT) to guide them to what data needs to be secured or standards such as the ISO/IEC 27000 series to provide best practices regarding their policies on how to safeguard this information. However, these policies are either vague in the details or not fluid and flexible enough to account for the unexpected security events that may render them obsolete. For example, Google recently released an online suite of applications that would allow an organization’s employees to collaborate on items of intellectual capital stored on Google’s servers outside the control of the organization’s information technology (IT) department. Additionally, new techniques have been discovered to break the encryption of data that was previously thought to be lost when the device containing it was powered off. While these events certainly have utility to practitioners, they also pose new threats to the security of intellectual capital created and stored on IT artifacts. This paper advocates mindfulness (Weick and Sutcliffe, 2001) as a necessary component of choosing and adapting security policies to better predict the unexpected security threats that may come as a result of technological change, environmental forces, or organizational use of IT

    The Relationship between the “Dark Triad” Personality Traits and Deviant Behavior on Social Networking Sites

    Many aspects of the Internet have been described as taking a “dark turn”, as incidents of spear-phishing, identity theft, and other known cyber threats are becoming more commonplace. Social networking sites (SNSs) such as Twitter, Facebook, Instagram, Snapchat, and other services with user-generated content (UGC), provide a platform to facilitate these types of behavior. While these SNSs encourage respectful or acceptable behavior and adherence to conduct standards, incidences of obscene language, personal attacks, cyberbullying, racial, gender or sexual bias, and hate speech are rampant. Prior research suggests that this type of unacceptable or deviant behavior can be attributed to Dark Triad personality traits (i.e., narcissism, Machiavellianism, and psychopathy). Using the lens of the Dark Triad and an extensive literature review, a Short Dark Triad (SD3) survey study was conducted to investigate the gap in Information Systems (IS) research and the influence of deviant behaviors and its acceptance in SNSs

    Toward a Theory of Emergent Leadership for Collaborative Information Systems Development among Social Enterprises

    Many social enterprises (SEs) are adopting collaborative strategies to overcome fragmentation and duplication in the social sector to effectively address the world’s social needs (i.e. hunger, poverty, healthcare, education). SEs are increasingly utilizing IT to support collaboration. However, historically SEs have been slow to integrate IT into their organizations so little is known about information systems design (ISD) in SEs; even less at the collaborative level. Effective leadership in ISD is important to realizing desired outcomes. Current leadership theories do not translate easily to the SE context. We explore the collective leadership, emerging from the collaborative ISD process itself, as being relevant to SE contexts. We apply the neohumanist philosophy, and incorporate Habermas’ Theory of Communicative Action, to develop a theory of leadership in collaborative SE ISD, in which leadership emerges from communicative actions in the ISD process. We offer a framework for leadership in collaborative ISD in social sector collaboration

    A Reading Preference and Risk Taxonomy for Printed Proprietary Information Compromise in the Aerospace and Defense Industry

    The protection of proprietary information that users print from their information systems is a significant concern. Researchers have repeatedly indicated that human behaviors and perception are important factors influencing the information security of organizations and have called for more research. In this study, we focused on the investigation of user reading preference, user perceived risk, and seven demographics in the context of compromising printed proprietary information. A Reading Preference and Risk (RPR) taxonomy was developed to classify users respective to potential risks to printed proprietary information. Results of a Web-based survey show that employees were dispersed across the RPR Taxonomy with 15.1% identified as potentially problematic. Our results also showed an overall reading preference for print materials and a high-perceived risk for compromising printed proprietary information. Significant differences between the constructs and demographics suggest that a user’s likelihood to compromise printed proprietary information is affected by frequency of user exposure, confidentiality level, and previous user experience with the compromise of proprietary information. Additionally, age, gender, and a user’s desire to retain e-training content in memory had a significant effect on user reading preference

    Pharmaceutical companies’ documented and online privacy practices: Development of an index measure and initial test

    Consumers have begun to take a more proactive approach to their healthcare by accessing pharmaceutical companies’ Websites to obtain health and drug information. In exchange for these benefits, companies require consumers to voluntarily disclose information. However, research has shown that consumers continue to be concerned about how their information is managed, used, and distributed by companies, especially if accessed via the Web. To date, there has been limited empirical research to examine the actual online practices of companies when it comes to privacy, especially those of pharmaceutical companies. Using the Delphi expert panel process, we identified the components of a hierarchical benchmarking index to examine the documented and actual online practices of 100 Website registrations with pharmaceutical companies. In this paper, we outline the development of an index to measure the personal information privacy violations of pharmaceutical companies using hierarchical linear technique. Second, we provided empirical evidence regarding the magnitude of voluntary adherence to the Fair Information Practices (FIPs) by pharmaceutical companies based upon the personal information privacy violations. Our results revealed that companies with headquarters in Europe had fewer personal information privacy violations than those in the US. Moreover, our results indicate that fewer personal information privacy violations occur for chronic conditions than for non-chronic conditions, as well as fewer violations occur with Website registrations for updates than for discounts. Finally, both Europe and UK demonstrated more overall adherence to the FIPs than the US and Asia. This suggests that self-regulation may not be sufficien

    Integrated Atmosphere Resource Recovery and Environmental Monitoring Technology Demonstration for Deep Space Exploration

    Exploring the frontiers of deep space continues to be defined by the technological challenges presented by safely transporting a crew to and from destinations of scientific interest. Living and working on that frontier requires highly reliable and efficient life support systems that employ robust, proven process technologies. The International Space Station (ISS), including its environmental control and life support (ECLS) system, is the platform from which humanity's deep space exploration missions begin. The ISS ECLS system Atmosphere Revitalization (AR) subsystem and environmental monitoring (EM) technical architecture aboard the ISS is evaluated as the starting basis for a developmental effort being conducted by the National Aeronautics and Space Administration (NASA) via the Advanced Exploration Systems (AES) Atmosphere Resource Recovery and Environmental Monitoring (ARREM) Project. An evolutionary approach is employed by the ARREM project to address the strengths and weaknesses of the ISS AR subsystem and EM equipment, core technologies, and operational approaches to reduce developmental risk, improve functional reliability, and lower lifecycle costs of an ISS-derived subsystem architecture suitable for use for crewed deep space exploration missions. The most promising technical approaches to an ISS-derived subsystem design architecture that incorporates promising core process technology upgrades will be matured through a series of integrated tests and architectural trade studies encompassing expected exploration mission requirements and constraints

    Churchman's Inquiring Systems: Kernel Theories for Knowledge Management

    Churchman [1971] defines inquiry as an activity that produces knowledge. He examines the epistemologies of five schools of philosophy from the perspective of general systems theory, asking the question as to whether each is suitable as the basis for the design of computer-based inquiring systems. He considers systems design and design theory in some detail. We believe that Churchman's inquiring systems can form the basis for the design of knowledge management systems and that the IS research community has hardly tapped the potential of inquiring systems in that regard. Mason and Mitroff [1973] brought inquiring systems into the IS literature early on, essentially making the work endogenous to the field. We argue that building on inquiring systems can contribute to developing IS as a discipline by maintaining continuity in research and developing a theory that IS can call its own. We believe that the lack of use of Churchman's work may be due to its lack of visibility in recent years and attempt to remedy that by summarizing the basics of the inquirers in some detail, trying not to interpret, but to remain faithful to the original. The paper encourages readers to study the original and develop their own notion of how the inquirers might be used in knowledge management work. There are probably as many different perspectives on how inquiring systems could support KMS as there are IS researchers willing to study them. We would like to encourage a proliferation of such perspectives