[AISWorld] Contents of Volume 20, Issue 3 (March) Journal of the Association for Information Systems (JAIS)

[JAIS]

Contents of Volume 20, Issue 3 (March) Journal of the Association for Information Systems (JAIS), Official Publication of the Association for Information Systems
Published: Monthly Electronically
ISSN: 1536-9323
Published by the Association for Information Systems, Atlanta, USA (http://aisel.aisnet.org/jais/)

Editor-in-Chief:  Professor Suprateek Sarker, University of Virginia, USA

Paper

It Takes a Village: Understanding the Collective Security Efficacy of Employee Groups

Allen Johnston, University of Alabama
Paul Di Gangi, University of Alabama at Birmingham
Jack Howard, University of Alabama at Birmingham
James L. Worrell, University of Alabama at Birmingham

Abstract

An organization’s ability to successfully manage information security incidents is determined by the actions of its employees, as well as the actions of various groups of employees within its organizational boundaries. To date, information security research has primarily focused on individual-level phenomena and has not yet explored group-level phenomena such as how employee groups recognize and respond to security incidents in a way that is consistent with the organization’s security goals and objectives. The current study addresses this gap, thereby answering the research call for group-level security research perspectives. The present study explores how employee groups formulate their collective security efficacy, which influences how group members recognize and respond to information security incidents. Using a case study of a large healthcare research organization (HRO), we analyze two security incidents, a malware attack, and a physical security breach, to identify a unique set of ecological and social properties of employee groups that are salient to their collective security efficacy.

To obtain a copy of the entire article, click on the link below:
Available at: http://aisel.aisnet.org/jais/vol20/iss3/3


Paper

Privacy in the Sharing Economy

Timm Teubner, TU Berlin
Christoph M. Flath, University of Würzburg

Abstract

Contemporary C2C platforms, such as Airbnb, have exhibited considerable growth in recent years and are projected to continue doing so in the future. These novel consumer-to-consumer marketplaces have started to obliterate the boundaries between private and economic spheres. Marketing personal resources online is inherently associated with the disclosure of personal and sometimes intimate information. This raises unprecedented questions of privacy. Yet, there is so far little research on the role of privacy considerations in the sharing economy literature. Leveraging the theoretical perspective of privacy calculus, we address this gap by investigating how privacy concerns and economic prospects shape a potential provider’s intentions to share via different communication channels. We relate privacy concerns back to the provider’s perceptions of the audience. We evaluate our research model by means of a scenario-based online survey, providing broad support for our reasoning.

To obtain a copy of the entire article, click on the link below:
Available at: http://aisel.aisnet.org/jais/vol20/iss3/2


Paper

Sublating Tensions in the IT Project Risk Management Literature: A Model of the Relative Performance of Intuition and Deliberate Analysis for Risk Assessment

Mohammad Moeini, University of Sussex
Suzanne Rivard, HEC Montréal

Abstract

The information technology (IT) project risk management literature comprises two dominant but diverging bodies of knowledge: the normative and the experiential. We conducted a three-step dialectical review of this literature with the aim of creating a bridging body of knowledge. In the first step, delineation, we synthesize the overarching variance and process explanations in each body of knowledge and motivate the examination of their divergences. In the second step, contrastation, we perform a dialectical interrogation of these bodies to articulate their key assumption-level tensions. We elaborate on the most prominent tension between the two bodies, namely, the relative performance of intuition and deliberate analysis for project risk assessment. In the third step, sublation, we propose a theoretical model that resolves this tension. Anchored in both bodies of knowledge and drawing from managerial decision-making research, the model proposes that the relative performance of intuition depends on characteristics of the IT project manager (project-specific expertise), the project (risks’ temporal complexity and risks’ structural complexity), and the project’s organizational environment (e.g., stakeholders’ involvement in risk management, methods-using pressures). Moreover, the model posits that project-specific expertise moderates all the other effects. Building on the bridging knowledge insights from this model, we discuss how researchers can design interventions to increase project managers’ use of deliberate analysis when it is expected to outperform intuition or to encourage reliance on intuition when it is likely to outperform deliberate analysis.


To obtain a copy of the entire article, click on the link below:
Available at: http://aisel.aisnet.org/jais/vol20/iss3/1


 
Elizabeth White Baker, PhD
Production Managing Editor, Journal of the AIS
jais at comm.virginia.edu