This paper discusses how deterrence and inertia impact changes in IT security policy. The impact is investigated via an online survey. Certain and quick deterrent sanctions were associated with an increase in compliance, while a lack of change in deterrent sanctions were associated with a decrease in compliance. The conclusion drawn from this survey is that clearly defined and quick to be addressed deterrent sanctions need to be communicated in order for employees to comply with modifications in security policy. [29]
Malimage, K., Raddatz, N., Trinkle, B. S., Crossler, R. E., & Baaske, R. (2020). Impact of Deterrence and Inertia on Information Security Policy Changes. Journal of Information Systems, 34(1), 123–134. https://doi.org/10.2308/isys-52400
This paper discusses how ethical work climates, beliefs, and neutralization interact together to jointly impact and explain information security policy noncompliance. This research is based on the social information processing theory and is conducted via a survey. The result is that information security policy noncompliance is significantly impacted by neutralization, the perceived cost of compliance, and the perceived cost of noncompliance. [30]
Gwebu, K. L., Wang, J., & Hu, M. Y. (2020). Information security policy noncompliance: An integrative social influence model. Information Systems Journal, 30(2), 220–269. https://doi.org/10.1111/isj.12257
This article discusses IT strategies in the context of assessing changes that may be needed in order to achieve business goals. The article discusses addressing this through the completion of the following steps: 1. Review your Business Goals, 2. Analyze Current Security Threats, 3. Include KPIs, 4. Tie Your Strategy to Business Outcomes, and 5. Doesn’t Overshoot or Undershoot. [31]
Network Coverage. (2020, February 21). Creating An Effective IT Strategy. Retrieved February 07, 2021, from https://www.netcov.com/what-does-effective-it-strategy-begin-with/
This article discusses maximizing both business and IT strategies through an understanding of each strategies differences and how they integrate with each other. The article includes discussions on business strategies and their varying levels and importance, as well as, IT strategies and how they should align with business strategies. [32]
Pyne, B., & Xpective, Inc. (2020, June 16). IT Strategy vs Business or Corporate Strategies. Retrieved February 07, 2021, from https://techspective.net/2020/06/16/it-strategy-vs-business-or-corporate-strategies/
This book discusses IT governance and director’s guidelines. It provides clear guidelines that will help ensure the same strategic objectives for both IT and the business. Content coverage includes, but is not limited to: risk management, intellectual capital, compliance, IT governance framework design, and leadership guidelines. [33]
Calder, A. (2011). IT governance. [electronic resource] : guidelines for directors (1st edition). IT Governance Pub.
Transaction costs are expenses which are incurred during the process of buying/selling a good or service. This article discusses what transaction costs are, the details about transaction costs, how to eliminate transaction costs, and an example. It is important to know about transaction costs because they play a major factor in net returns and ultimately in the value obtained or provided. [34]
Downey, L., Scott, G., & Investopedia. (2021, January 19). Transaction Costs. Retrieved March 07, 2021, from https://www.investopedia.com/terms/t/transactioncosts.asp
This article discusses how to use IT in order to gain a sustainable competitive advantage in the market. The article is specifically about sustainable competitive advantages over non-sustainable competitive advantages. It discusses why IT provides a competitive advantage, including, user experience design advantages, automatic processing advantages, data analytics advantages, and machine learning advantages. [35]
Lipovich, I., & Forbes Business Council. (2020, October 06). How To Use Technology To Gain A Sustainable Competitive Advantage. Retrieved March 07, 2021, from https://www.forbes.com/sites/forbesbusinesscouncil/2020/10/06/how-to-use-technology-to-gain-a-sustainable-competitive-advantage/?sh=2d8bd5a1328c
This article discusses the seven different things that should be known about IT governance. It also discusses choosing a framework and smooth implementation procedures. The article is broken down into sections that discuss: what IT governance is, IT governance and GRC, why to implement IT governance infrastructures, who uses IT governance, how to implement IT governance, how to choose an IT governance framework, and how to make smooth implementation procedures. [36]
Lindros, K., & IDG Communications, Inc. (2017, July 31). What is IT Governance? A Formal Way to Align IT & Business Strategy. Retrieved March 07, 2021, from https://www.cio.com/article/2438931/governanceit-governance-definition-and-solutions.html
This article discusses how GRC (Governance, Risk, and Compliance) can help align IT activities with business goals and manage risk and compliance effectively. The article is broken down into sections that discuss: compliance vs control, how GRC works, how to implement GRC successfully, who uses GRC, GRC certifications, and GRC tools and solutions. [37]
Lindros, K., & IDG Communications, Inc. (2017, July 11). What is GRC and Why Do You Need It? Retrieved March 07, 2021, from https://www.cio.com/article/3206607/what-is-grc-and-why-do-you-need-it.html