Your search keyword '"David Birchall"' showing total 2 results

1. Perception of risk and the strategic impact of existing IT on information security strategy at board level.

Author

Elspeth McFadzean, Jean-Noel Ezingeard, and David Birchall

Subjects

INTERNET security, BUSINESS enterprise security, BUSINESS information services, INFORMATION resources management, MANAGEMENT, INTERVIEWING, SECURITY systems

Abstract

Purpose - Information security is becoming increasingly more important as organisations are endangered by a variety of threats from both its internal and external environments. Many theorists now advocate that effective security policies should be created at senior management level. This is because executives are able to evaluate the organisation using a holistic approach as well as having the power to ensure that new systems and procedures are implemented in a timely manner. There is, however, a continuing lack of understanding regarding the strategic importance of managing information security. In addition, there is a gap in the literature on the relationship between directors and information security strategy. This paper attempts to close this gap by exploring how directors perceive their organisation''s security and what factors influence their decisions on the development and implementation of information security strategy. Design/methodology/approach - The research is based on constructivist grounded theory. Forty-three interviews were conducted at executive level in 29 organisations. These interviews were then coded and analysed in order to develop new theory on directors'' perception of risk and its effect on the development and implementation of information security strategy. Findings - The analysis shows that senior managers'' engagement with information security is dependent on two key variables: the strategic importance of information systems to their organisation and their perception of risk. Additionally, this research found that these two variables are affected by both organisational contextual factors and the strategic and operational actions undertaken within the business. Furthermore, the results demonstrated that the two board variables also have an impact on the organisation''s environment as well as its strategic and operational actions. This paper uses the data gathered from the interviews to develop a model of these factors. In addition, a perception grid is constructed which illustrates the potential concerns that can drive board engagement. Practical implications - The paper illustrates the advantages of using the perception grid to understand and develop current and future information security issues. Originality/value - The paper investigates how organisational directors perceive information security and how this perception influences the development of their information security strategy. [ABSTRACT FROM AUTHOR]

Published

2007

2. Mastering the art of corroboration: A conceptual analysis of information assurance and corporate strategy alignment.

Author

Jean-Noël Ezingeard, Elspeth McFadzean, and David Birchall

Subjects

INFORMATION resources management, BUSINESS planning, STRATEGIC planning, MATHEMATICAL models, INDUSTRIAL research, MANAGEMENT

Abstract

Purpose - The paper seeks to investigate how the information assurance (IA) efforts of organisations should be aligned with their business strategy. From this analysis, a conceptual model of alignment is presented. This framework shows several organisational factors that can influence alignment. Design/methodology/approach - A number of published works on alignment are discussed in order to develop a conceptual model of IA fit. In addition, Venkatraman's six perspectives of alignment are used as a framework to suggest future research in this area. Findings - The paper presents a definition of information assurance and proposes various reasons why IA is a strategic issue and should be aligned with both IT and corporate strategy. From the literature, a conceptual model illustrating the variables that can influence alignment is presented. Research limitations/implications - A clear conceptualisation of alignment is needed. Six potential research models and associated research questions are proposed. Practical implications - The paper concludes with a number of management and research implications. In looking at the implications for managers, it is argued that any alignment framework should include adequate metrics for checking the strategic fit on a continuous basis. Originality/value - This paper is an initial attempt to fulfil an identified gap in the literature, namely the lack of research undertaken on IA and corporate strategy alignment. It offers practical help for management so that they can improve the fit between IA and business strategy. It also offers several avenues of potential future research using Venkatraman's six perspectives of fit. [ABSTRACT FROM AUTHOR]

Published

2007