It-säkerhetsmedvetenhet hos gymnasieungdomar : En kvantitativ studie om it-säkerhetshot och risker för Internetanvändare

Persson, Fredrik, Åström, Joel

January 2014

Syftet med denna studie är att ta reda på hur medvetna gymnasieelever är om it-säkerhetshot och risker på Internet. Detta har gjorts genom att först undersöka aktuella hot genom att studera trendrapporter från ledande it-säkerhetsföretag. Denna information har sedan använts i en enkät för att ta reda på kunskapen och medvetenhetsnivån om dessa it-säkerhetshot bland gymnasieelever i Uppsala. Studien visar att det finns ett behov av utökad kunskap inom området. I resultatet kunde särskilda brister ses i de sociala aspekterna av it-säkerhet. Undersökningens resultat kan användas som stöd vid framtagandet av utbildning inom risker och hot på Internet.

It-säkerhetshot

gymnasieelever

it-säkerhetsmedvetenhet

kunskap

social engineering

malware

Information Worker Productivity Enabled by IT System Usage : A Complementary-Based Approach

Pashkevich, Natallia

January 2016

Assessing the conditions of productivity of individual workers who process information and use IT has been a concern for many researchers. Prior studies have applied different theoretical foundations to study the relationship between IT use and productivity at individual level in post adoption scenarios and have provided mixed results. In the last decades, the proposition that there is a need for a set of factors to be changed in a synchronized fashion when using an IT system has received particular attention. Very little, however, is known about the configurations of these factors at individual level. To investigate this gap, we have designed a new research model of an information worker’s individual productivity when a more aligned IT system is used in a synchronized manner with both individual and organizational factors. The formulated research model is grounded on the complementarity theory, functioning here as a meta-theory guiding the linking of productivity theory, Kirton’s adaption-innovation theory, and several theoretical bodies on the structure of production processes and human resource management. The formulated model was tested in two empirical studies – a longitudinal quasi-randomized field experiment and an online experiment – conducted to investigate configurations of complementary factors that increase productivity when a new, more aligned IT system is used. Overall, the two studies shed important light on configurations of complementary factors and the improvement of the research design to study their impact on IT-enabled productivity. The obtained results contribute to the research that focuses on individual information worker IT-enabled productivity as well as research that rests on the complementarity theory with new configurations of complementary factors that, when matched correctly, can increase individual productivity of information workers. Eventually, the studies presented here advocate that further research is needed to increase our in-depth understanding of complementary factors and their impact on individual IT-enabled productivity of information workers.

Complementarity

Individual level

Information worker

IT use

IT-enabled productivity

Diversity Management in IT-Projekten / Diversity Management in IT-Projekten

Jeebe, Hans-Jürgen

January 2008

The PH.D. thesis deals with the concept of diversity management in the field of IT project management. It is based on the extensive empirical research. The findings and conclusions enable to adapt and implement concrete actions in the organizational context.

Revisionens krav på informationssäkerhet / The demands on information security from the audit

Bergström, Daniel, Lönqvist, Ottilia

January 2007

Information är en tillgång som liksom andra viktiga tillgångar har ett värde fören organisation och därmed måste få ett lämpligt skydd. Målet medinformationssäkerhet är således att skydda informationen mot olika hot. Det ärviktigt för flera olika intressenter att den information företag delger är trovärdigoch rättvisande, något som en revisor har till uppgift att säkerställa. Att granskadatorprogram är en av de svåraste uppgifterna som finns för en revisor.Antalet komplexa system ökar ständigt och därför behövs ofta experthjälp iform av IT-revisorer.Syftet med uppsatsen är att beskriva vilka krav som idag ställs på företagsinformationssäkerhet, sett ur revisionssynpunkt och hur de här kraven harförändrats över tiden. Syftet har även varit att beskriva vad som innefattas ibegreppet och att beskriva den process som sker då en revisor granskar företagoch dess informationssystem. För att studera det här har revision som är ITrelateradbehandlats för att undersöka problemområdet genom att användakvalitativ metod. Intervjuer har skett med två IT-revisorer på en revisionsbyrå,en IT-säkerhetsarkitekt på bank, en revisor vid Skatteverket samt en driftschefpå ett postorderföretag.Informationssäkerhet handlar om att skydda den värdefulla och känsligainformationen mot olika former av hot och på så vis säkerställaorganisationens fortlevnad. Det här går att uppnå på olika sätt.De slutsatser som dragits från studien är att noggrannheten att efterleva kravenpå informationssäkerhet har blivit viktigare idag. Dock är kraven i sig desammasom förr. Företag skall nu som då lagra information på en fysiskt säker plats.Då en IT-revisor granskar ett företags informationssäkerhet är målet medgranskningen att säkra affärsriskerna. Det här görs på olika sätt bl. a.beroende på företagets storlek och komplexiteten i deras system. / Uppsatsnivå: D

it-revision

informationssäkerhet

intern kontroll

it-revisor

Social Sciences

Samhällsvetenskap

Är medieelevens datorkunskaper likvärdiga medielärarens? : En självskattning från lärarens och elevens perspektiv / Are the upper-secondary school pupils computer knowledge´s equivalent to the media teachers? : A self assessment from the teachers and the pupils pespective

Bolund, Ulla Elisabeth

January 2008

<p>The aim of this essay is to get knowledge and to evaluate if the media student has equal or evenbetter knowledge of information technology (IT) than his/her teacher. Today the student of IToften has knowledge of hard ware and soft ware sometimes even unknown to the teacher. Themain reason for this might be that IT hitherto has played no prominent part at the institutes ofteacher education. Continuing further education of IT for teachers is also eligible as IT still is arather new subject on the time table.To adopt an empiric approach to the problem I have used trough interviewing and questions bothteachers and students at two upper secondary schools in the province of Värmland. The schoolsare called “A” and “B” in my investigation.Does the teacher have enough knowledge to give the student relevant knowledge concerninghard ware as well as soft ware to handle the computer and to utilize its possibilities? How can theteacher act to comply with the students’ claims and demands?IT-knowledge can be expressed in a complicated way but I have limited my investigation to therole of the teacher and how he/she manages to teach and instruct concerning a selected numberof soft ware and how the students evaluate their own knowledge compared to that of the teacher.My investigation shows that the teachers consider their knowledge relevant for their task asinstructors and teachers. This especially distinguished school “A” where the combination of onesenior teacher and two more recently examined teatchers have the most recent and updatedknowledge. The senior teacher renews all the time while his younger colleagues have updatedand new knowledge from their studies.The teachers of school “B” are more submissive regarding their own knowledge as well as thatof their students. Six teachers were interviewed and three of them considered the studentssometimes to be more competent than themselves. Those teachers also rely on the ITdepartementof the school, their colleagues and the students and their self instructions.My investigation shows that five part of the teachers consider their IT-knowledge relevant fortheir task as an instructor, while four part of the teachers consider the student’s knowledge oftenand sometimes to be superior to their own.</p> / <p>Många ungdomar har idag datorprogramkunskaper, som lärare saknar. Tillgången till datorer isåväl skol- som i hemmiljö är bidragande orsaker till det men också att de växt upp med IT somett naturligt inslag är av betydelse. Det kan också bero på att IT-utbildning inte fått någon centralplats i lärarutbildningen, och att många lärare som undervisar inom medieämnen, inte fortbildarsig kontinuerligtMitt syfte med denna uppsats är att skaffa kunskap och utvärdera om den undervisande lärarensdatorkunskaper inom Medieprogrammet och ämnet Mediekunskap räcker för att möta dagensmediekunniga elever.För att få ett empiriskt perspektiv på problemet har jag i min undersökning intervjuat och ställtfrågor via enkäter till medielärare på två gymnasieskolor i Värmland. Eleverna har besvaratenkäter. Skolorna benämner jag som A och B i undersökningen.Finns det motiv för att fundera över om lärarnas programkunskaper är tillräckliga, för att geeleven relevant kunskap i att lära sig hantera programmen de undervisas i? Om de inte är det, hurskaffar läraren då kunskap för att tillmötesgå elevernas färdigheter?IT-kunnande kan uttryckas komplext men i undersökningen har jag begränsat mig till att få svarpå hur lärarna behärskar att undervisa i ett antal utvalda programvaror samt få svar på hur deraselever skattar sina egna och lärarnas programkunskaper. Eleverna fungerar som en kontrollgruppi min undersökning.Min analys visar på att fem av de nio lärarna anser sig ha de kunskaper som krävs förundervisningen i sina ämnen. Särskilt gäller det för skola A, där kombinationen en äldre och tvåyngre lärare har mer aktuella IT-kunskaper. Den äldre förnyar dem och lär nytt kontinuerligt ochde yngre har aktuell lärarutbildning med sig i sitt bagage.Skola B-lärarna är mer ödmjuka till sina egna såväl som till elevernas IT-kunskaper. Av de sexintervjuade lärarna där ansåg hälften av dem, att eleverna ofta eller då och då är duktigare än vadde själva är. Och räcker inte den egna IT-kunskapen till förlitar man sig till skolans ITavdelning,kolleger samt genom att eleverna hjälper varandra eller klarar sig själva.Genom min undersökning framkommer att den övervägande delen av lärarna har ITkompetensenmen dock anser fyra av lärarna i skola B att någon eller några är bättre än vad desjälva är att hantera och förstå datorprogrammen.</p>

IT

IKT

Media

Medieteacher

Computerknowledge

IT

IKT

Media

Medielärare

Datorprogramkunskaper

Measuring the Impact of Information Technology on Value and Productivity using a Process-Based Approach: The case for RFID Technology

Subirana, Brian, Eckes, Chad, Herman, George, Sarma, Sanjay, Barrett, Michael

12 March 2004

There has been a lot of research addressing the relationship between Information Technology (IT) investments and productivity. Most of the work has been based on firm-level metrics such as total IT investment. We present what we believe is one of the first attempts to create a systematic methodology to assess the impact of IT in business process performance metrics. Our approach builds on the MIT Process Handbook as a basis to both guide the analysis and capture the resulting knowledge for future use. We will present preliminary results on how to use such methodology to analyze the impact of a given IT technology, namely RFID (radio frequency identification devices), in performance metrics of a consumer packaged goods company. We are interested in looking at how IT may impact performance metrics such as productivity, cost and value. We believe our methodology can help CPG companies prioritize their investments. We show results on how the specialization features of the MIT Process Handbook can incorporate performance metrics to help assess such investments in RFID

IT investments

IT productivity

Information Technology

MIT Process Handbook

Samspelet mellan IT-avdelning och verksamhet : En studie av hur koordination påverkas av strukturer och social interaktion

Lind, Gabriel, Backström, Emma

January 2013

Several surveys indicate that corporate leaders still consider the aligning of IT and business functions as a top management issue. The aim of this thesis is to illustrate how coordination emerges between IT and business departments and how formal structures intended to coordinate are influenced by human action. To deepen the understanding of this phenomenon we seek to analyze IT/business coordination from a perspective based on practice theory. A field study was conducted where observations and informal interviews were carried out at the IT department of a global company. The empirical analysis indicate that coordination problems between IT and business departments is in part affected by embedded factors such as different goals and perspectives on how IT is to be used in the organization or how to design IT related processes. Our findings suggest that social interaction plays an important role for coordination. It can enhance existing formal structures or create new structures, which improve the possibilities to coordinate between IT and business departments. Our findings also show how formal structures such as cross-functional roles can constitute conditions to initiate social interaction. The results can be used as indicators for how to enhance coordination between IT and business departments.

IT management

coordination

IT/business alignment

practice theory

Looking through the Clouds : A Tale of Two Universities

Melin, Ulf, Sarkar, Pradip, K., Young, Leslie, W.

January 2012

Cloud computing has become a popular buzzword and a trend in the IT industry. With characteristic features of scalable computing resources on-demand, and accessibility on a pay-per-use basis, it has been promoted as the harbinger of good tidings to its subscribers, such as the minimization of in-house IT infrastructures, substantial cost savings, and diminished administrative hurdles, thereby appearing as an appealing outsourcing proposition for non-IT enterprises, such as universities. This paper presents a comparative case study of two universities, one in Australia (UniOz) and one in Sweden (UniSwed). The two universities illustrate examples of how contemporary organisations interpret cloud computing, of drivers behind moving services into the cloud, and of prevailing concerns. Similarities pertaining to drivers for cloud computing are identified at the two cases (seeking scalable computing resources, and the re-allocation of IT resources to focus on core enterprise operations, with an aim to trim costs). This is identified in spite of differences in the culture of respective IT departments. Differences were also identified in terms of student vs. staff driven sourcing of services (email), and early vs. late adoption. The case study also illustrates interesting patterns in terms of the organisational implications of cloud services over time that calls for longitudinal studies. The implication of this paper is three-fold; two cases are consistent with outsourcing theories, they point to a transformation of the status quo, rather than an erosion of the role and influence of the internal IT department, and also reveals gaps in outsourcing theories and a possible future research direction in strengthening the relevant theoretical framework.

Cloud computing

IT services

IT in organisations

outsourcing

universities

case research

Towards an Understanding of Board IT Governance: Antecedents and Consequences

Jewer, Jennifer

January 2009

Board involvement in Information Technology (IT) governance and the antecedents and consequences of such involvement are examined from both a theoretical and practical perspective. Practitioner and academic IT governance literature highlight the need for increased board involvement in IT governance; however, it seems that many corporate boards do not practice a formalized style of IT governance, while those that do, face significant challenges. A gap clearly is seen as in spite of the potential benefits of board IT governance and the costs of ineffective oversight, there has been little field-based research in this area, nor adequate application of theory. This research addresses this gap by developing and testing an exploratory multi-theoretic framework of board IT governance. Drawing upon strategic choice and institutional theories, and Ashby’s Law of Requisite Variety, a model of the antecedents (organization factors and board attributes) of board IT governance and its consequences (financial performance and operational performance) is both developed and tested. Unlike previous studies, board IT governance is designated as a central construct in this model rather than a secondary factor. Constructs of board IT governance and IT competency are explored and multi-item measures for both constructs are developed. Board IT governance is conceptualized as the extent of offensive and defensive board oversight activities, while IT competency is conceptualized as the extent of IT expertise (IT knowledge, experience and training) and IT governance mechanisms (structures, processes and relational mechanisms). Detailed interviews with board members enabled a preliminary examination of the theoretical framework. To further test the propositions in the theoretical framework and to validate the measures for the board IT governance and IT competency constructs, an online survey was administered to corporate directors across Canada. Exploratory Factor Analysis and Ordinary Least Squares multiple regression were used to analyze responses from 188 directors. The board IT governance and IT competency constructs were well supported by the data. In addition, the results show that the organizational factors explain 28% of the variance in board IT governance, and that board attributes explain 39% more of the variance, for a total explained variance in board IT governance of approximately 68%. The results also show that board IT governance has a positive impact on operational performance, explaining 19% of the variance in operational performance. However, the proposed impact of board IT governance on financial performance, and the impacts of ‘fit’ between role of IT and board IT governance approach on financial and operational performance were not supported by the survey results. Overall, this research makes a theoretical contribution by: focusing on the board’s role in IT governance; developing a multi-theoretical model of the antecedents and consequences of board IT governance; developing measures of board IT governance and board IT competency, and; empirically assessing the antecedents and consequences of board IT governance.

IT governance

board of directors

IT competence

corporate governance

Management Sciences

Towards an Understanding of Board IT Governance: Antecedents and Consequences

Jewer, Jennifer

January 2009

Board involvement in Information Technology (IT) governance and the antecedents and consequences of such involvement are examined from both a theoretical and practical perspective. Practitioner and academic IT governance literature highlight the need for increased board involvement in IT governance; however, it seems that many corporate boards do not practice a formalized style of IT governance, while those that do, face significant challenges. A gap clearly is seen as in spite of the potential benefits of board IT governance and the costs of ineffective oversight, there has been little field-based research in this area, nor adequate application of theory. This research addresses this gap by developing and testing an exploratory multi-theoretic framework of board IT governance. Drawing upon strategic choice and institutional theories, and Ashby’s Law of Requisite Variety, a model of the antecedents (organization factors and board attributes) of board IT governance and its consequences (financial performance and operational performance) is both developed and tested. Unlike previous studies, board IT governance is designated as a central construct in this model rather than a secondary factor. Constructs of board IT governance and IT competency are explored and multi-item measures for both constructs are developed. Board IT governance is conceptualized as the extent of offensive and defensive board oversight activities, while IT competency is conceptualized as the extent of IT expertise (IT knowledge, experience and training) and IT governance mechanisms (structures, processes and relational mechanisms). Detailed interviews with board members enabled a preliminary examination of the theoretical framework. To further test the propositions in the theoretical framework and to validate the measures for the board IT governance and IT competency constructs, an online survey was administered to corporate directors across Canada. Exploratory Factor Analysis and Ordinary Least Squares multiple regression were used to analyze responses from 188 directors. The board IT governance and IT competency constructs were well supported by the data. In addition, the results show that the organizational factors explain 28% of the variance in board IT governance, and that board attributes explain 39% more of the variance, for a total explained variance in board IT governance of approximately 68%. The results also show that board IT governance has a positive impact on operational performance, explaining 19% of the variance in operational performance. However, the proposed impact of board IT governance on financial performance, and the impacts of ‘fit’ between role of IT and board IT governance approach on financial and operational performance were not supported by the survey results. Overall, this research makes a theoretical contribution by: focusing on the board’s role in IT governance; developing a multi-theoretical model of the antecedents and consequences of board IT governance; developing measures of board IT governance and board IT competency, and; empirically assessing the antecedents and consequences of board IT governance.

IT governance

board of directors

IT competence

corporate governance

Management Sciences