TY - GEN
T1 - Understanding the role of information technology for organizational control design
T2 - IFIP WG 8.6 International Working Conference on Governance and Sustainability in Information Systems
AU - Wiesche, Manuel
AU - Schermann, Michael
AU - Krcmar, Helmut
N1 - Publisher Copyright:
© IFIP International Federation for Information Processing 2011.
PY - 2011
Y1 - 2011
N2 - Organizational control is one of the fundamental functions of management. Although controls come along with performance constraints, organizations rely on control mechanisms to direct attention, motivate, and encourage organizational members to act according to organizational goals and objectives. Managers build their decision on control design on the degree of knowledge about the value creation process and the predictability of the outcome. In this paper, we enhance a popular theoretical framework for organizational control design by enclosing IT-enabled controls. We explore the framework empirically in a multiple case study on Governance, Risk management, and Compliance information systems (GRC IS), a popular new trend in organizational control design. Our findings provide evidence that IT-enabled controls enable a new control mechanism, risk control, for situations with perfect knowledge about the transformation process and high ability to measure output. As research implication, we recommend an extension of organizational control theory to incorporate the effects of information technology on control design. As practical implication, we provide decision support for the selection of GRC controls, depending on situational factors and the expected value proposition. In sum, this research enhances the body of knowledge on organizational control design with a risk-based perspective.
AB - Organizational control is one of the fundamental functions of management. Although controls come along with performance constraints, organizations rely on control mechanisms to direct attention, motivate, and encourage organizational members to act according to organizational goals and objectives. Managers build their decision on control design on the degree of knowledge about the value creation process and the predictability of the outcome. In this paper, we enhance a popular theoretical framework for organizational control design by enclosing IT-enabled controls. We explore the framework empirically in a multiple case study on Governance, Risk management, and Compliance information systems (GRC IS), a popular new trend in organizational control design. Our findings provide evidence that IT-enabled controls enable a new control mechanism, risk control, for situations with perfect knowledge about the transformation process and high ability to measure output. As research implication, we recommend an extension of organizational control theory to incorporate the effects of information technology on control design. As practical implication, we provide decision support for the selection of GRC controls, depending on situational factors and the expected value proposition. In sum, this research enhances the body of knowledge on organizational control design with a risk-based perspective.
KW - Compliance
KW - GRC
KW - Governance
KW - Organizational Control
KW - Risk Control
KW - Risk Management
KW - Uncertainty
UR - http://www.scopus.com/inward/record.url?scp=84951075799&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-24148-2_9
DO - 10.1007/978-3-642-24148-2_9
M3 - Conference contribution
AN - SCOPUS:84951075799
SN - 9783642241475
T3 - IFIP Advances in Information and Communication Technology
SP - 135
EP - 152
BT - Governance and Sustainability in Information Systems
A2 - Nüttgens, Markus
A2 - Blinn, Nadine
A2 - Gadatsch, Andreas
A2 - Kautz, Karlheinz
A2 - Schirmer, Ingrid
PB - Springer New York LLC
Y2 - 22 September 2011 through 24 September 2011
ER -