IT Risk Management Implementation as Socio-Technical Change: A Process Approach
View/ Open
File version
Version of Record (VoR)
Author(s)
Rowlands, Bruce
Azizi, Neda
Miah, Shah
Year published
2019
Metadata
Show full item recordAbstract
This study introduces a new process for implementing risk management in IT departments, promoting a socio-technical change approach. This research steps outside the conventional factor analytic perspective of IT risk management by embedding contextual and processual elements (e.g. socio-technical interactions and interpretations) to explain successful implementations. Adopting a multi-case approach for obtaining richer data from a problem domain, we outline new details of an implementation process. The proposed process model represents how these elements work together to produce a ...
View more >This study introduces a new process for implementing risk management in IT departments, promoting a socio-technical change approach. This research steps outside the conventional factor analytic perspective of IT risk management by embedding contextual and processual elements (e.g. socio-technical interactions and interpretations) to explain successful implementations. Adopting a multi-case approach for obtaining richer data from a problem domain, we outline new details of an implementation process. The proposed process model represents how these elements work together to produce a successful outcome. Grounded theory-like analysis of the case findings helped us to understand and explore conceptual categories and themes that are relevant to the proposed process. By developing the conceptual model of IT risk management implementation with a socio-technical perspective, we generate a set of propositions in this paper that explains the dynamic nature of IT implementation.
View less >
View more >This study introduces a new process for implementing risk management in IT departments, promoting a socio-technical change approach. This research steps outside the conventional factor analytic perspective of IT risk management by embedding contextual and processual elements (e.g. socio-technical interactions and interpretations) to explain successful implementations. Adopting a multi-case approach for obtaining richer data from a problem domain, we outline new details of an implementation process. The proposed process model represents how these elements work together to produce a successful outcome. Grounded theory-like analysis of the case findings helped us to understand and explore conceptual categories and themes that are relevant to the proposed process. By developing the conceptual model of IT risk management implementation with a socio-technical perspective, we generate a set of propositions in this paper that explains the dynamic nature of IT implementation.
View less >
Conference Title
30th Australasian Conference on Information Systems: Making the World a Better Place with Information Systems (ACIS 2019)
Publisher URI
Copyright Statement
© 2019 Australasian Association for Information Systems. The attached file is reproduced here in accordance with the copyright policy of the publisher. Please refer to the conference's website for access to the definitive, published version.
Subject
Information systems
Information systems organisation and management