Investigating the Relationship between IT and Organizations: A Research Trilogy

Raymond, Benoit

12 December 2010

The overall objective of this dissertation is to contribute to knowledge and theory about the influence of information technology (IT) on organizations and their members. This dissertation is composed of three related studies, each examining different aspects of the relationship between IT and organizations. The objective of the first study is to provide an overview of the dominant theoretical perspectives that IS researchers have used in the last five decades to study the influence of technology on organizations and their members. Without being exhaustive, this study seeks more specifically to identify, for each decade, the dominant theoretical perspectives used in the IS field. These dominant theoretical perspectives are illustrated by the selection and description of exemplars published in the decade and their implications for researchers and practitioners are discussed. This review is useful not only for understanding past trends and the current state of research in this area but also to foresee its future directions and guide researchers in their future research on the influence of IT on organizations and their members. The objective of the second study is to theorize how IT artifacts influence the design and performance of organizational routines. This study adopts organizational routines theory as its theoretical lens. Organizational routines represent an important part of almost every organization and organizational routines theory is an influential theory that explains how the accomplishment of organizational routines can contribute to both organizational stability and change. However, the current form of this theory has several limitations such as its neglect of the material aspect of artifacts and the distinctive characteristics of IT artifacts, and its treatment of artifacts as outside of organizational routines. This study seeks to overcome these limitations by extending organizational routines theory. The objective of the third study is to develop a better understanding of information security standards by analyzing the structure, nature and content of their controls. This study investigates also the mechanisms used in the design of information security standards to make them both applicable to a wide range of organizations and adaptable to various specific organizational settings. The results of this study led to the proposition of a new theory for information systems called generative control theory.

Information technology

research perspective

organizational routine

materiality

information security standard

generative control

Management Information Systems

Integrated planning of modern distribution networks incorporating UK utility practices

Mansor, Nurulafiqah Nadzirah

January 2018

Distribution system plays a significant role in the overall electrical power system due to its impact on electricity costs, reliability as well as security of supplied energy. Optimal development planning of modern distribution system is mainly required to satisfy continuous change in customer demands and generations in a cost-effective manner, utilizing the available smart solutions. All these aspects need to be addressed in modern distribution planning methodology that can be applied today in real-life. Review has shown that there are no distributions planning models that adequately model security of supply of radially operated networks. Moreover, the optimal development planning models still do not consider multiple operating regimes, which has become a necessity due to connection of low carbon technologies. Numerous techniques published on this subject tend to ignore the regulations and planning standards that must be complied during system development, resulting in methodology that is not in-tuned with business practices. Furthermore, a comprehensive model that integrates all major components of today’s real-life distribution planning is still lacking, even though many of them have been addressed individually. In this thesis, integrated planning methodology for development of distribution system is proposed, incorporating utility practices in the UK. The overall methodology built on two independent stages, investment stage and operation stage. The operation stage is further cast into two sub-stages, quality of supply planning and minimization of operation costs planning. The overall planning methodology incorporates the novel probabilistic decision tree concept for distribution system planning to consider probable network uncertainties. The first model which is the investment stage determines the new construction and reinforcement of circuits and switchgear, along with circuit decommissioning. Multiple operating regimes due to fluctuation in generation and load profiles are considered, in addition to explicit modelling of N-1 security constraint according to P2/6 planning standards. The quality of supply planning determines the allocation of switchgear and its automation to maximise the reliability benefits from the regulatory incentive regime. Finally, the operation model determines the optimal network configuration that minimises the total operation costs of distribution system. The final outputs are list of cables and switchgear for construction, reinforcement, and decommission, benefits harvested due to quality of supply investments on switchgear, optimal network running arrangement, etc. These studies have proven to be important in formulating effective strategies for development of distribution system, in compliance to the planning standards and resulted in higher network operation capabilities.

Challenges of Wireless Security in the Healthcare Field : A study on the WPA3 standard

Mironov, Georgiana

January 2020

The healthcare environment is a complex one, saturated by wireless medical devices and sensitive patient data flowing through the network traffic. With the increased popularity of wireless medical devices in the healthcare domain together with the announcement of the new wireless security standard WPA3 comes a need to prepare for a new generation shift in wireless security. The goal of this study is therefore to investigate what challenges the healthcare sector can encounter when faced with the inevitable transition to WPA3. By performing a literature review on the security state of WPA3 compared to its predecessor and performing qualitative interviews with network technicians working in the healthcare sector, three major challenges were identified. IT professionals in the healthcare domain struggle with integrating legacy software systems, keeping middleware software solutions secure, and with handling hardware medical devices that come with outdated wireless standards. By analysing existing literature, several mitigating actions to battle these challenges were presented in this study.

WPA3

Wi-Fi Protected Access 3

WPA2

Wi-Fi Protected Access 3

wireless security standard

healthcare

challenges

wireless medical devices

Computer Sciences

Datavetenskap (datalogi)

Návrh metodiky pro příručku ISMS a opatření aplikované na vybrané oblasti / Proposal of Methodics for ISMS Guide and Measures Applied to Selected Areas

Nemec, Tomáš

January 2013

Content of this thesis is a methodology for creating ISMS Security Manual. Implementation of the proposal is supported by theoretical knowledge in the introductory part of this work. Practical process design methodology is conditional on the structure of the international standard ISO/IEC 27001:2005.

En studie av SSL / A Studie Of SSL

Petrusic, Dejan

January 2004

Dokumentet är ett resultat av studier gjorda under kursen Kandidatarbete I Datavetenskap. Arbetet utforskade, genom fallstudie, två egenskaper av distribuerade informationssystem och relation mellan dessa: säkerhet och prestanda. Målet med fallstudien har varit att belysa nackdelen med användning av Secure Socker Layer (SSL) dvs. dess effekt på hastigheten och fördelen med SSL, dvs. SSL:s roll i informationssäkerhetsarbetet. Arbetet visar hur prestanda i ett tillämpad distribuerat informationssystem kan påverkas av en SSL tillämpning. Systemets responstid testades för skillnader mellan en SSL säkrad uppkoppling och utan. Det testade systemet var ett bokningssystem som används för administration av resor, utvecklat i DotNet utvecklingsplattform. Arbetet har dessutom visat genom studien av informationssäkerhetsstandarden ledningssystem för informationssäkerhet (LIS) vilken plats som SSL protokollet har i informationssäkerhetsarbetet i organisationer. Metoden för jämförelse utvecklades och baserades på interaktionsmodellen. Hypotesen för arbetet var att mjukvara som tillämpar SSL gör att responstiden blir längre men gör också att informationssystemet uppfyller krav enligt standarden för ledningssystem av informationssäkerhet SS-ISO/IEC 17799 och SS 62 77 99-2. Hypotesen bekräftades då resultatet för mätningen visade en ökning på 37,5 % i medel för klienten med säkrad SSL uppkoppling och att resultatet av LIS studien visade att organisationer uppfyller viktiga krav ställda i standarden genom at ha en SSL säkrad kommunikation i sitt informationssystem. / This study shows the impact of SSL application on performance in a distributed information system. Further, the case study shows also, through studies of information security standard SS-ISO/IEC 17799, the place that SSL has in applying information security in organisations. / dejanpetrusic@hotmail.com, is00dpe@student.bth.se

informationssystem

information systems

distribuerade system

distributed systems

säkerhet

security

prestanda

performance

mätningar

measurements

SSL

säkerhetsstandard

security standard

ss-iso/iec 17799

webbtjänster

webservice

.net

SOAP

XML

integration

ILT Booking System

Computer Sciences

Datavetenskap (datalogi)