Below is the annotated bibliography I created of some of the papers, articles, and books that I have read to assist in my understanding of IT security and IT enterprise management. As I continue to research new technigues and theories, I will continue to update this page. The inclusion of an annotated bibliography in an IT Professional’s toolkit is important as it shows that the professional has the motivation to learn and think critically. The IT professional will have a list of articles and references that they will be able to review at a later date. The professional will also be able to share the knowledge that they would be able to acquire easily.
Ahmed, M., do Valle, A. M., & Wilkinson, G. (2019). SITProMP: A Simplistic Approach towards Managing IT Projects. PM
World Journal, 8(1), 1. Retrieved from https://login.proxy.kennesaw.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=edb&AN=134101435&site=eds-live&scope=site
In a recent article, Monjur Ahmed, Authur Valle, and Guss Wilkinson develop a Simplistic IT Project Management (SITProMP) that can be used as a generic framework to develop IT project management processes. The framework considers that the project managers should utilized with simplistic framework in order for it to be applied to small/medium organizations. The authors take into consideration the security concerns, ability to compare distinct differences within the project and be able to leverage the 3 critical components of time, resources, and money.
Ball, M. J. (1998). The IT staffing crisis. Health Management Technology, 19(9), 66.
An article written by MJ Ball laments the health IT staffing crisis that was happening in the late 90’s to early 2000’s. While there are system analysis or network specialist are interchangeable, individuals that handle medical information on the digital level. Ball notes that one of the reasons behind the low numbers of Health IT professionals was due to the fact that there were very few educational programs that develop health information technology. While the article is a bit outdated with the fact that the number and quality of educational programs involving health information technology have increased since the 2010’s. One point that the article makes is that is an important staffing decision to make is promoting from within. A company investing within can see if current staff have some knowledge in IT and have the drive to want to learn more.
Camarena, S. (2011). The Promise of IT: Educating the Federal Government. IT Professional,13(6), 28-33.
doi:10.1109/mitp.2011.52
In a 2011 article, Susan Camarena writes about how by educating the federal government on the importance of IT and how it can play a key role in providing transparency. Camarena views that the problem “isn’t the training of IT professionals working with the federal government, but the need to better educate the nonIT professionals (usually in management positions) on how IT can assist in serving the American people.” (Camarena, 2011) Camarena writes on how the current culture within the government needs to be changed in order to change the views on IT. The article details the educational path that the federal government could take to ensure that IT professionals are able to develop knowledge management, identify new technologies, and to comprehend IT security.
Cook, J. (2015). A Six-Stage Business Continuity and Disaster Recovery Planning Cycle. SAM Advanced Management Journal
(07497075), 80(3), 23–68. Retrieved from https://login.proxy.kennesaw.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=110379687&site=eds-live&scope=site
In his research, Jack Cook examines a business-oriented perspective to operational continuity. Cooks believes that any manager creating a disaster recovery plan should review his research as it delineates what content a comprehensive plan must contain. Cook believes that there are six-stages: Governance structure, Plan Initiation, Business Impact Analysis and Risk Assessment, Design/Update the Plan, Testing/Training, Maintenance and then returning to Governance Structure to begin the cycle again. Cook concludes that disaster can come from anywhere and that having a team in place that knows how to quickly acknowledge the event and be able to act accordingly will mitigate the lasting effects.
Costello, T. (2011). 2011 IT Tech and Strategy Trends. IT Professional,13(1), 64-63. doi:10.1109/mitp.2011.1
In a 2011 article, Tom Costello writes about the top ten technologies and trends that will address the skills and issues that face CIO. He presents two separate lists, one that involves tech trends that are likely to grow and the strategic capabilities that will expand beyond the IT organization. The first list that he covers involves the tech trends that were in demand in 2011. Many of the trends that he writes about (cloud computing, mobile devices, social networking etc.) while in their infancy in early 2010, have grown to become major technologies that many industries require in order to perform their basic needs. The second list covers different strategies that could potentially affect the IT industry and something that CIO’s will need to take into consideration. Costello writes that CIO will have many different issues (transitioning to a new workforce generation, developing an organizational strategy, understanding how IT can achieve business goals) that they will need to overcome and many of those issues are still concerning CIO and IT professionals today.
Eom, M. T. (2015). How Can Organizations Retain IT Personnel? Impact of IT Manager’s Leadership on IT Personnel’s
Intention to Stay. Information System Management, 32(4), 316. Retrieved from https://login.proxy.kennesaw.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=edb&AN=110262497&site=eds-live&scope=site
The author utilized a multitude of sources in order to explain how IT personnel need to possess both business and technology competencies in order to be effective. They reviewed multiple IT leaders in order to evaluate what behaviors are preferred in order to retain the IT personnel that they have on their team. Their hypothesis is that both transformational and transactional behaviors on the part of an IT manager are expected to positively affect IT personnel’ s intention to stay. They concluded that since IT personnel tend to stay in their position in the long term and that IT leaders can use “transformational” leadership behaviors to help their teams realize the value of what they can do and how they can provide value to the organization. Through this, IT managers would be able to sway their employees to stay in their current roles.
From Incident Reports to Improvement Recommendations: Analyzing IT Help Desk Data. (2014). 2014 23rd Australian
Software Engineering Conference, Software Engineering Conference (ASWEC), 2014 23rd Australian, Software Engineering Conference, Australian, 94. https://doi-org.proxy.kennesaw.edu/10.1109/ASWEC.2014.25
In their research, the authors of the article analyzed help desk operations records of incidents and how they are resolved. They analyzed two products used at a large corporation and were able to derive several recommendations for improvement of the help desk. After analyzing their data, the authors concluded that using Principal Components Analysis (PCA) to analyze data for process improvements at a help desk in a large corporation showed success.
Geng, W., & Hu, Y. (2011). SWOT analysis of China software serverce outsourcing. 2011 IEEE 2nd International Conference
on Software Engineering and Service Science. doi:10.1109/icsess.2011.5982423
In a paper, Wenli Geng and Yingsong Hu write about utilizing the SWOT method to analyze the state of the software service outsourcing industry in China. They reviewed the strengths, weaknesses, opportunities and threats that face the software service outsourcing industry in China and then made recommendations for enterprises that work within that industry. The authors write that while the Chinese government can offer good policies and measures that encourages software companies, the countries lack of data privacy laws hinder their ability to gain international clients. The paper is an example of how important a SWOT analysis can be in understanding the market that IT industries can compete.
Höffner, K., Jahn, F., Kücherer, C., Paech, B., Schneider, B., Schöbel, M., … Winter, A. (2017). Technical Environment for
Developing the SNIK Ontology of Information Management in Hospitals. Studies In Health Technology And Informatics, 243, 122–126. Retrieved from https://login.proxy.kennesaw.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=mdc&AN=28883184&site=eds-live&scope=site
The SNIK project converts textbooks about information management in hospitals to a domain that will provide a shared vernacular about the integrate process, data and infrastructure. By using Semantic Web projects, the authors were able to create a singular environment so that users would be able to find the information that they would need to find about setting up a hospitals technical environment.
Jarrahi, M. H. ( 1 ), Crowston, K. ( 2 ), Bondar, K. ( 3 ), & Katzy, B. ( 4 ). (n.d.). A pragmatic approach to managing enterprise
IT infrastructures in the era of consumerization and individualization of IT. International Journal of Information Management, 37(6), 566–575. https://doi-org.proxy.kennesaw.edu/10.1016/j.ijinfomgt.2017.05.016
Traditionally, companies have owned and controlled the technology that their employees use. In recent years, more employees are wanting to utilize their own technology (smart phones, computers, and even social media) in the course of completing their jobs. In a recent article, the authors take a three-factor approach – technology, people, and practice- that will allow managers to mitigate the usage of personal devices and allow them the ability to understand what will assist the new generation into following corporate policies.
Kim, S. S., & Kim, Y. J. (2017). The effect of compliance knowledge and compliance support systems on information
security compliance behavior. Journal of Knowledge Management, 21(4), 986. Retrieved from https://login.proxy.kennesaw.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=edb&AN=124424810&site=eds-live&scope=site
Authors Sang Soo Kim and Yong Jin Kim wrote a paper whose purpose is to understand how information technology is used for compliance management in a corporate setting. They wanted to understand the security concerns that large corporations can have due to the advancement of big data and artificial intelligence. They aimed to promote effective voluntary compliance behavior by informing employees about the impact they can have and how new technology can assist with improving overall compliance.
Larsen, M., Pedersen, M., & Andersen, K. V. (2006). IT Governance: Reviewing 17 IT Governance Tools and Analysing the
Case of Novozymes A/S. Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS06). doi:10.1109/hicss.2006.234
In a paper for the Hawaii International Conference on System Sciences, Michael Larsen, Mogens Pedersen and Kim Anderson review 17 different IT governance tools and show how they can be applied to the case company Novozyme A/S. Larsen begins the paper by giving an accurate definition for IT governance. They bring up the point that while the debate over IT governance aligning business and IT objectives has been ongoing for decades, it has only recently intensified after multiple corporate scandals brought more attention to the important of IT governance. They give a brief explanation of 17 different frameworks (including COBIT, ITIL, and ISO 17799) and explain how they can be utilized to align IT governance and business goals. The authors do a good job of showing the importance of applying the correct tools to make sure that IT governance is being applied correctly to IT and Business goals.
Nieves, E. (n.d.). This Is Exactly How to Be a Successful Manager and All the Habits You Need to Adopt.
Retrieved January 27, 2019, from https://fairygodboss.com/articles/habits-successful-managers-have#
The author provides a complete list of items and concepts that can help managers evaluate their own methods. While the list does not have many authoritative sources, the concepts, such as the SMART acronym, that have been added appear in other sources.
Rao, S. K. (2007). Financial Management Approach to Development of Quality Excellence Model for the Information
Technology Industry. Journal of Financial Management & Analysis, 20(2), 85–91. Retrieved from https://login.proxy.kennesaw.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=slh&AN=31316442&site=eds-live&scope=site
In this article, Rao proposes that the Value-based Quality Budgeting Model can assist individuals that have decision-making power in understanding the value that IT can provide to an organization. Since IT has become an integral part of an industries daily activities, Rao states that creating a Value-based Quality Budgeting Model that IT managers can utilize the model to show how IT can provide quality value through their budgeting practices.
Sahibudin, S., Sharifi, M., & Ayat, M. (2008). Combining ITIL, COBIT and ISO/IEC 27002 in Order to Design a
Comprehensive IT Framework in Organizations. 2008 Second Asia International Conference on Modelling & Simulation (AMS). doi:10.1109/ams.2008.145
In an article, Shamsul Sahibubin, Mohammad Sharifi, and Masarat Ayat write about how several frameworks (ITIL, COBIT, ISO/IEC 27002) focusing on their similarity and differences. By reviewing these frameworks and standards, the authors proposed to be able to develop a more comprehensive framework. They begin by reviewing ITIL (Information Technology Infrastructure Library) and how it is “widely accepted approach to IT Service Management.” (Sahibudin, 2008) and proceed to summarize COBIT and the ISO/IEC 27002 frameworks. The ITIL framework relates to both the COBIT and ISO/IEC 27002 frameworks and that a combination of the three frameworks can assist organizations in being able to deliver IT services in a cost-efficient manner. The three frameworks can also “mitigate security risks and complying with legal requirements.” (Sahibudin, 2008)
Solms, B. V. (2005). Information Security governance: COBIT or ISO 17799 or both? Computers & Security,24(2), 99-104.
doi:10.1016/j.cose.2005.02.002
In an article, Solms writes about how the COBIT and ISO 17799 frameworks can both be utilized by information security experts to assist with IT governance. Solms poses the question as to what would be “the best reference framework for an information security governance environment for a company?” (Solms, 2005) Solm states that the paper was not to compare the two frameworks but to show that they can work in tandem to provide beneficial coverage to companies that use the frameworks. Solms explains both the pros and cons of each framework and gives scenarios as to how the two frameworks can complement each other. With COBIT having a wider range of IT governance and ISO 17799 is more detailed when involving information security. Detailed mapping between the two frameworks has allow one to work with the other to increase the effectiveness of both frameworks.
Yin, P. yinpengzhen888@126. co., Ou, C. X. J. 1,2,3,4. carol. ou@uvt. n., Davison, R. M. 1,2,3,4. isrobert@cityu. edu. h., &
Wu, J. jacky012@mail. ustc. edu. c. (2018). Coping with mobile technology overload in the workplace. Internet Research, 28(5), 1189–1212. https://doi-org.proxy.kennesaw.edu/10.1108/IntR-01-2017-0016
In their research, the authors of the article studied the effects associated with using mobile information and communication technologies (MICT) in the workplace. The authors examine how the overload effects from using MICTs in the workplace and how it has affected employees’ job satisfaction and explore coping strategies. The researchers utilized 178 employees at work in China to collect data as to how the overload and effect employees. Their results showed that the information overload reduces job satisfaction and that two coping strategies (information processing timeliness and job control assistance support) can improve job satisfaction. Both strategies can moderate the relationships between two overload effects and job satisfaction. The practical implication can help managers understand how to reduce employee evaluation of overload.