Understanding the enabling design of IT risk management processes

Manuel Wiesche, Michael Schermann, Helmut Krcmar

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

9 Scopus citations

Abstract

Although managing information technology (IT) risks is widely regarded as a critical in organizations, stakeholders often question the value provided by IT risk management (IT-RM) to an organization. Organizational research suggests the concept of 'enabling formalization' to design highly formalized organizational processes. Processes like IT-RM that are designed in an enabling way support organizational members through flexible guidelines that communicate best practices and empower them in resolving surprises and crises during process execution. It remains unclear, however, how organizations can implement enabling IT-RM processes. We conduct an exploratory study and identify four design decisions for IT-RM. We identify different solutions to these IT-RM design decision and provide empirical evidence as to how these solutions facilitate enabling process design. Our results suggest that organizations need to balance rewarding and punishment-centered strategies in designing IT-RM to change it from an ineffective, costly, and detrimental endeavor into an enabling organizational process.

Original languageEnglish
Title of host publication2015 International Conference on Information Systems
Subtitle of host publicationExploring the Information Frontier, ICIS 2015
PublisherAssociation for Information Systems
ISBN (Print)9780996683111
StatePublished - 2015
Event2015 International Conference on Information Systems: Exploring the Information Frontier, ICIS 2015 - Fort Worth, United States
Duration: 13 Dec 201516 Dec 2015

Publication series

Name2015 International Conference on Information Systems: Exploring the Information Frontier, ICIS 2015

Conference

Conference2015 International Conference on Information Systems: Exploring the Information Frontier, ICIS 2015
Country/TerritoryUnited States
CityFort Worth
Period13/12/1516/12/15

Keywords

  • Design decisions
  • Enabling
  • Grounded theory techniques
  • IT risk management

Fingerprint

Dive into the research topics of 'Understanding the enabling design of IT risk management processes'. Together they form a unique fingerprint.

Cite this