Change search
Refine search result
1 - 38 of 38
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Dhillon, Gurpreet
    et al.
    Virginia Commonwealth University.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Dialogical narrative networks and study of global IT-sourcing projects: implications for information security and privacy2013Conference paper (Refereed)
    Abstract [en]

    This paper explores the patterns of technology use in a global enterprise. We use the concept of narrative networks to understand interactions between technology and organizations and the emergent implications. The paper is based on empirical work undertaken in the context of offshoring electronic medical records and billing systems from a group of US physician practices to service providers in India. Findings from our research suggest technology, represented as information security and privacy, as playing a central role in determining outcome of actions and the performances thereof. The narratives in technology in use and enactment of organizational forms display multiple third men, with features that modify the initial understandings of an agreement to implement technical systems.

  • 2.
    Dhillon, Gurpreet
    et al.
    Virginia Commonwealth University.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Misunderstandings and Misjudgements about Security: A Dialogical Narrative Network Analysis of Global IT Offshoring2016Conference paper (Refereed)
  • 3.
    Dhillon, Gurpreet S
    et al.
    Virginia Commonwealth University.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Misunderstandings and misjudgments about security: A dialogical narrative analysis of global it offshoring2016In: AMCIS 2016: Surfing the IT Innovation Wave - 22nd Americas Conference on Information Systems, Association for Information Systems, 2016Conference paper (Refereed)
    Abstract [en]

    This paper explores the patterns of technology use in a global enterprise. We use the concept of narrative networks to understand interactions between technology and organizations and the emergent implications. The paper is based on empirical work undertaken in the context of offshoring electronic medical records and billing systems from a group of US physician practices to service providers in India. Findings from our research suggest technology, represented as information security and privacy, as playing a central role in determining outcome of actions and the performances thereof. The narratives in technology in use and enactment of organizational forms display multiple third men, with features that modify the initial understandings of an agreement to implement technical systems.

  • 4.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    A framework for strategic alignment of business and information technology in small and medium sized firms2004Licentiate thesis, monograph (Other academic)
    Abstract [en]

    This work is based on my interest for strategic issues concerning information technology, industrial networks, and small and medium sized firms. My special interest in these areas has led me to study how information technology is utilized and aligned to different network exchanges. Furthermore, the work focuses on strategic alignment of such utilization of information technology towards business activities. The work basically consists of two parts:Part One:I have conducted two case studies in small and medium sized firms in the northern part of Sweden in the autumn of 2003. The case studies were aimed at finding key factors in inter-organizational relationships where information technology is utilized. The key factors are identified as different types of exchanges such as: social, business, and information exchange. Part Two:From studying these exchanges I have identified a set of keywords which comprise the use of information systems in inter-organizational relationships. The keywords are then used to create differentiated linkages between different properties of information systems and inter- organizational relationships. Following that I continue to the devel-opment of a strategic framework of alignment between business and technology. The framework is based on theoretical work in the area of strategic IS/IT management.

  • 5.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Addressing formality: a conceptualization of information exchange in small firm business transactions2006In: Internet & Information Systems in the Digital Age: Challenges & Solutions: Proceedings of the 7th International Business Information Management Association (IBIMA) Conference / [ed] Khalid S. Soliman, Norristown, PA: International Business Information Management Association (IBIMA), 2006, p. 212-218Conference paper (Refereed)
    Abstract [en]

    Based on a review of two existing frameworks for business transactions, a complementary approach, based on the EDI measurement scheme developed by Massetti et al., (1996), is presented in this paper. Existing frameworks tend to neglect the information exchange aspect of coordination by focusing on phases in business transactions. The complementary approach consider coordination of information exchange from four different aspects: volume, breadth, diversity, and depth of transactions. These four aspects constitute a scheme of the information flow throughout transactions that connect the external information environment with the internal information infrastructure of business partners. The research reported in this paper is beside the review of existing frameworks also empirical. Three case studies of different dyadic relationship settings was conducted in order to test the complemantary approach suggested in this paper.

  • 6.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Aktivitet: Senior Editor, Journal of Information Systems Security2010Other (Other (popular science, discussion, etc.))
  • 7.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Collective IT artifacts: toward inclusive crisis infrastructures2013In: Journal of Information Technology Theory and Application, ISSN 1552-6496, E-ISSN 1532-4516, Vol. 14, no 4, article id 3Article in journal (Refereed)
    Abstract [en]

    This paper investigates a previously overlooked phenomenon in crisis response information systems; namely, inclusive crisis infrastructure. By expanding the well-acknowledged infrastructure concept with alternatives to understandthe nature and scope of inclusive crisis infrastructures, this paper contributes to closing the gap between theory and practice by raising some research questions critical to studying inclusive crisis infrastructures. The emerging literature on crisis response information systems suggests that external sourcing of information increasingly influences crisis response operations. To contribute to this discourse, the paper draws on Pipek and Wulf’s (2009) definition of work infrastructures and Palen and Liu’s (2007) conceptualization of peer-to-peer communications to develop a better understanding of the crisis response arena as a whole. In doing so, this paper goes beyond the emphasis on event-based technologies that currently dominate the crisis response information systems literature and instead argues why crisis infrastructures need to be both inward-looking and accommodating to technological and social outcomes parallel to formal response contexts. The novel conceptualization captures the fact that the crisis context contains collections of collective IT artifacts that are not aligned or related but that are, for autonomy reasons, interlinked to crisis organizations’ current IT infrastructure and may be of great value to such organizations if infrastructure capability options are considered.

  • 8.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Convergence of information security in B2B networks2011In: Electronic Business Interoperability: Concepts, Opportunities, and Challenges, Hershey: Idea Group Publishing, 2011, p. 571-595Chapter in book (Other academic)
    Abstract [en]

    Over the past 20 years, researchers have made significant headway into understanding information security, with most studies focusing on internal organizational information security affairs. This study adds to the cumulative tradition by creating a concept for the convergence of information security in B2B network contexts. More specifically, the move from information security safeguards to information security observers is presented in depth. By adopting the Actor Network Theory and the Process Theory, this chapter demonstrates how three conversion, use, and performance sub-processes constitute the devised process of converging information security. Each sub-process directs attention towards definition, integration, the evaluation of security and how the metaphor of the observer may operate in the B2B network context.

  • 9.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Inter-organisational information systems and inter-organisational cooperation2003In: Proceedings of the 26th Information Systems Research Seminar in Scandinavia, 2003Conference paper (Refereed)
  • 10.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Project: Nordic safety and security2009Other (Other (popular science, discussion, etc.))
  • 11.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Project: Supply Chain Management: Information exchange and management2007Other (Other (popular science, discussion, etc.))
  • 12.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Projekt: HAGRID2007Other (Other (popular science, discussion, etc.))
  • 13.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Relationship alignment between small firms: an information exchange perspective on dyads2006Doctoral thesis, comprehensive summary (Other academic)
    Abstract [en]

    The thesis is about conceptualizing relationship alignment in small firm relationships from an information exchange perspective. The thesis has a theoretical focus but is also informed by three case studies. The thesis is based on five papers dealing with information exchange with different focus: inter-organizational information systems, information exchange patterns, social information exchange, coordination of information, concepts for relationship alignment. The context in which information exchange is examined is small firm relationships. While there are research of information technology in such context on strategic issues of IT alignment, there is still a great need to find out how the small firm relationship can be aligned from the perspective of ‘working together' with an information focus rather than technology focus. The thesis examine and criticize three sets of theoretical bodies; Social exchange theory, relational theory, and information systems theory in order to understand how relationship alignment may be articulated in a differentiated style. The main conclusion drawn from this work is that relationship alignment between small firms could be expressed by a relationship alignment conceptualization that consists of three different aspects of information exchange. The three aspects of the concept are: presence which is the social dimension of exchanging information, formality which has a transaction focus, and mediation, an information technology concept for information exchange.

  • 14.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Small Inter-firm Communication: Aligning the Information Environment2006In: Conference on the 29th Information Systems Research Seminar in Scandinavia: Paradigms Politics Paradoxes, 2006, p. 261-267Conference paper (Other academic)
    Abstract [en]

    In addition to research of alignment that seek to explain how information technology can support intra-firm performance by aligning business strategy with IT strategy, so called social alignment is reciveing more and more attention. Cooperation between firms is more than adoption to different technologies and day to day transactions are virtually always a result of social exchanges between different stakeholders, often managers'. Therefore, this research concentrate on the actual content of information and how it is shared in social exchanges between small firms. The case study research conducted in this paper explores differences in information exchange content in three different dyadic small firm relationships. The purpose with the research is to extend the "knowledge base" of alignment by focusing on the social information exchange dimension between small firms

  • 15.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Small inter-firm cooperation: aligning social information exchange2006In: Managing Information in the Digital Economy: Issues & Solutions: Proceedings of the 6th International Business Information Management Association (IBIMA) Conference / [ed] Khalid S. Soliman, Norristown, PA: International Business Information Management Association (IBIMA), 2006Conference paper (Other academic)
    Abstract [en]

    In addition to research of alignment that seek to explain how information technology can support intra-firm performance by aligning business strategy with IT strategy, so called social alignment is reciveing more and more attention. Cooperation between firms is more than adoption to different technologies and day to day transactions are virtually always a result of social exchanges between different stakeholders, often managers'. Therefore, this research concentrate on the actual content of information and how it is shared in social exchanges between small firms. The research conducted in this paper explores differences in information exchange content in three different dyadic small firm relationships. The purpose with the research is to extend the "knowledge base" of alignment by focusing on the social information exchange dimension between small firms.

  • 16.
    Harnesk, Dan
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Hartikainen, Heidi
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Multi-layers of information security in emergency response2011In: International Journal of Information Systems for Crisis Response and Management, ISSN 1937-9390, E-ISSN 1937-9420, Vol. 3, no 2, p. 1-17Article in journal (Refereed)
    Abstract [en]

    This paper draws on the socio-technical research tradition in information systems to re-conceptualize the information security in emergency response. A conceptual basis encompassing the three layers—technical, cognitive, and organizational—is developed by synthesizing Actor Network Theory and Theory of Organizational Routines. This paper makes the assumption that the emergency response context is built on the relationship between association and connectivity, which continuously shapes the emergency action network and its routines. Empirically, the analysis is based on a single case study conducted across three emergency departments. The data thus collected on information security, emergency department routines, and emergency actions is used to theorize specifically on the association/connectivity relationship. The resultant findings point to the fact that information security layers have a meaning in emergency response that is different from mainstream definitions of information security.

  • 17.
    Harnesk, Dan
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Lindström, John
    Luleå University of Technology, Department of Engineering Sciences and Mathematics, Product and Production Development.
    Exploring socio-technical design of crisis management information systems2011In: Crisis Response and Management and Emerging Information Systems: Critical Applications, Hershey: Idea Group Publishing, 2011, p. 139-155Chapter in book (Other academic)
  • 18.
    Harnesk, Dan
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Lindström, John
    Luleå University of Technology, Department of Engineering Sciences and Mathematics, Product and Production Development.
    Information security management: the role of behavior2010Conference paper (Refereed)
  • 19.
    Harnesk, Dan
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Lindström, John
    Luleå University of Technology, Department of Engineering Sciences and Mathematics, Product and Production Development.
    Materializing organizational information security2012In: Nordic Contributions in IS Research: Third Scandinavian Conference on Information Systems, SCIS 2012, Sigtuna, Sweden, August 17–20, 2012. Proceedings / [ed] Christina Keller; Mikael Wiberg; Pär J. Ågerfalk; Jenny Eriksson Lundström, Encyclopedia of Global Archaeology/Springer Verlag, 2012, Vol. 124, p. 76-94Conference paper (Refereed)
    Abstract [en]

    In the context of situated elderly care this paper discusses the intertwined relationship between organizational security objectives, technology, and employees' security behavior. We use findings from a single case study to aid in our understanding of how managers sought to create a secure work environment by introducing behavioral security technology, and how employees appreciated the new security software in everyday routines. Theoretically the case study is informed by sociomateriality in that it employs the notion of technological affordances of behavioral security technology. Findings show that security technology material is an integral part of security management and security in use, and that both the technical actor and human actors contributed to cultivation of the information security practice in the elderly care center

  • 20.
    Harnesk, Dan
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Lindström, John
    Luleå University of Technology, Department of Engineering Sciences and Mathematics, Product and Production Development.
    Shaping security behavior through discipline and agility: Implications for information security management2011In: Information Management & Computer Security, ISSN 0968-5227, E-ISSN 1758-5805, Vol. 19, no 4, p. 262-276Article in journal (Refereed)
    Abstract [en]

    Purpose: The purpose of this paper is to broaden the understanding about security behaviour bydeveloping a security behavior typology based on the concepts of discipline and agility.Design/methodology/approach: A case study was designed to analyze security behaviours in onepublic nursing centre. The inquiry was organized around the themes discipline and agility, culture,and security processes in order to get an in-depth understanding of the complex relationship betweensecurity management, referred to as discipline, and security in use, referred to as agility.Findings: The paper shows that security behaviour can be shaped by discipline and agility and thatboth can exist collectively if organizations consider the constitutional and existential aspects ofinformation security management.Practical implications: This research makes a pivotal stand for the issue how security behavioursnarrate a broad picture to enhance information security management. In particular, this will improvedesign of information security training and awareness programs.Originality/value: This research is relevant to information security management in organizations,particularly as behavioural and cultural aspects are becoming increasingly significant for maintainingand also designing systemic information security management.

  • 21.
    Harnesk, Dan
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Lindström, John
    Samuelsson, Sören
    Socio-technical design approach for crisis management information systems2009In: International Journal of Information Systems for Crisis Response and Management, ISSN 1937-9390, E-ISSN 1937-9420, Vol. 1, no 3Article in journal (Refereed)
    Abstract [en]

    This article describes research in progress of a design approach for crisis management information systems. A qualitative study was designed to gather data from four municipalities in northern Sweden, which all have responsibility for crisis management in each local environment. The purpose with the article is to discuss broad but strongly related information issues to crisis management and from that suggest a socio-technical oriented approach for crisis management information systems design. The preliminary design approach suggests that a network of knowledge, IT management and information integration is a promising base for design in the area. Considering that responsible actors in crisis environments have great knowledge in crisis planning and operation indicate that such an environment can be understood as a network of knowledge that account for both the social and technical dimension during crises. Theories from IT management and information integration provide input to the technical dimension of the suggested design approach.

  • 22.
    Harnesk, Dan
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Nilsson, Jörgen
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Collaboration environments: a single point of access into networks of knowledge2008In: Collaboration and the knowledge economy: issues, applications, case studies / [ed] Paul Cunningham; Miriam Cunningham, Amsterdam: IOS Press, 2008Conference paper (Refereed)
  • 23.
    Harnesk, Dan
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science. Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Distance- Spanning Technology.
    Samuelsson, Sören
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Lindström, John
    Luleå University of Technology, Department of Engineering Sciences and Mathematics, Product and Production Development.
    Action research supported implementation of a crisis competence centre2009In: ISCRAM 2009: 6th international conference on information systems for crisis response and management : boundary spanning initiatives and new perspectives : Gothenburg, Sweden 10th - 13th of May / [ed] J. Landgren; U. Nulden; B. Van de Walle, Göteborg, 2009Conference paper (Refereed)
    Abstract [en]

    The purpose of this paper is to describe the development of a regional crisis competence centre in Sweden. The overall research approach utilizes action research methodology to support the development process. The overall development process is divided into three steps; early need finding, the organizational platform, and business development. This paper is devoted to the first phase - early need finding - which deals with the specific needs and demand of four municipality organizations and how these requirements can be converged into a organizational setting that correspond to national crisis management strategies as well as regional responsibilities in crisis management. The research approach is action based and the theoretical considerations to support progress in development activities are from the Actor Network Theory (ANT). The main conclusion from the research is that the formation of a crisis competence centre revolves around sharing competences, and compromising between internal and external objectives in the progress towards a common goal.

  • 24.
    Harnesk, Dan
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Thapa, Devinder
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    A framework for classifying design research methods2013In: Design Science at the Intersection of Physical and Virtual Design: 8th International Conference, Desrist 2013, Helsinki, Finland, June 11-12,2013, Proceedings. / [ed] Jan vom Brocke; Riita Hekkala; Sudha Ram; Matti Rossi, New York: Encyclopedia of Global Archaeology/Springer Verlag, 2013, p. 479-485Conference paper (Refereed)
    Abstract [en]

    Design Science Research (DSR) methods are much debated by the IS community with regard to outcome and research process. This debate creates ambiguity for the novice researchers in terms of selecting appropriate DSR methods. To address this ambiguity, this essay proposes a framework for classifying the DSR methods by providing conceptual clarity about DSR outcome and DSR research process. The proposed framework creates a taxonomy differentiating between outcomes as a priori formulated or emergent through contextual interaction, likewise, viewing the research process as deductive or abductive. The taxonomy provides guidance to the researchers before embarking any DSR projects. The essay contributes to the on-going discussion on utilization of the DSR methods in DSR projects.

  • 25.
    Harnesk, Dan
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Thapa, Devinder
    University of Agder.
    Equipment-as-experience: A Heidegger-based position of information security2016In: Proceedings of the Thirty Seventh International Conference on Information Systems, 2016Conference paper (Refereed)
    Abstract [en]

    Information security (InfoSec) has ontologically been characterised as an order machine. The order machine connects with other machines through interrupting mechanisms. This way of portraying InfoSec focuses on the correct placement of machine entities to protect information assets. However, what is missing in this view is that for the InfoSec we experience in everyday practice, we are not just observers of the InfoSec phenomena but also active agents of it. To contribute to the quest, we draw on Heidegger's (1962) notion of equipment and propose the concept of equipment-as-experience to understand the ontological position of InfoSec in everyday practice. In this paper we show how equipment-as-experience provides a richer picture of InfoSec as being a fundamental sociotechnical phenomena. We further contend using an example case to illustrate that InfoSec equipment should not be understood merely by its properties (present-at-hand mode), but rather in ready-to-hand mode when put into practice.

  • 26.
    Hartikainen, Heidi
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Harnesk, Dan
    A review of secure emergency communications: technical and organisational aspects2009In: Proceedings of the 32nd Information Systems Research Seminar in Scandinavia, IRIS 32, Inclusive Design / [ed] J. Molka-Danielsen, 2009Conference paper (Refereed)
    Abstract [en]

    In organizations responsible for emergency management there is a growing need to develop deep understanding for how communications between emergency actors can be secured and improved. In this paper we examine the current body of knowledge in the field of secure emergency communications in order understand the role of information security in the emergency context? Our study shows that while technical developments aim at effective and secure technologies, organizational aspects of emergency communications seem to involve not only emergency management actors, but also how these actors more and more utilize information technology for emergency management. Hence, the scene or landscape for emergency management is becoming more complex, which indeed challenge the way that secure emergency communications can be understood. We apply Giddens' structuration theory as a vehicle to understand the technological and organizational dimensions of emergency management. Our main conclusion is that there is a need for better theoretical integration between technology use and organizational systems in emergency management.

  • 27.
    Laaksonen, Anna Elina
    et al.
    Tammerfors University.
    Niememaa, Maarko
    Åbo University.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Influences of frame incongruence on information security policy outcomes: an interpretive case study2013In: International Journal of Social and Organizational Dynamics in I T, ISSN 2155-6334, Vol. 3, no 3, p. 33-50Article in journal (Refereed)
  • 28.
    Lindström, John
    Luleå University of Technology, Department of Engineering Sciences and Mathematics, Product and Production Development.
    Aspects to consider within information security during procurement and use of cloud services, v1.002013Other (Other academic)
  • 29.
    Lindström, John
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Signals and Systems.
    Aspects to consider within information security during procurement and use of cloud services, v2.002014Other (Other academic)
  • 30.
    Lindström, John
    et al.
    Luleå University of Technology, Department of Engineering Sciences and Mathematics, Product and Production Development.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Laaksonen, Elina
    Niemimaa, Marko
    A methodology for inter-organizational emergency management continuity planning2012In: Managing Crises and Disasters with Emerging Technologies: Advancements, IGI Global, 2012, p. 197-215Chapter in book (Refereed)
    Abstract [en]

    This paper extends emergency management literature by developing a methodology for emergency management continuity planning (EmCP). In particular, the methodology focuses on inter-organizational continuous and coordinated planning among emergency management organizations. The authors draw on Soft Systems Methodology (Checkland & Scholes, 1999; Checkland, 2000), using it as a base for better understanding of EmCP. Barriers that must be overcome before the methodology can be introduced and established, as well as potential benefits, are also discussed.

  • 31.
    Lindström, John
    et al.
    Luleå University of Technology, Department of Engineering Sciences and Mathematics, Product and Production Development.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Laaksonen, Elina
    Luleå tekniska universitet.
    Niemimaa, Marko
    Luleå tekniska universitet.
    A methodology for inter-organizational emergency management continuity planning2010In: International Journal of Information Systems for Crisis Response and Management, ISSN 1937-9390, E-ISSN 1937-9420, Vol. 2, no 4, p. 1-19Article in journal (Refereed)
    Abstract [en]

    This paper extends emergency management literature by developing a methodology for emergency management continuity planning (EmCP). In particular, the methodology focuses on inter-organizational continuous and coordinated planning among emergency management organizations. The authors draw on Soft Systems Methodology (Checkland & Scholes, 1999; Checkland, 2000), using it as a base for better understanding of EmCP. Barriers that must be overcome before the methodology can be introduced and established, as well as potential benefits, are also discussed.

  • 32.
    Lindström, John
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Distance- Spanning Technology.
    Samuelsson, Sören
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Hägerfors, Ann
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    The need for improved alignment between actability, strategic planning of IS and information security2008In: 13th International ITA Workshop: Krakow, Poland, 4th - 6th June 2008. Conference Proceedings, 2008, p. 14-27Conference paper (Refereed)
    Abstract [en]

    The purpose of this paper is to high-light problems regarding user actability and security implementations – what are the important mechanisms that affect actability in usage situations? Alignment between actability and strategic IS-planning and security issues is of the essence. However, serious gaps in alignment have been identified concerning strategic IS-planning as well as in development or implementation of security controls, and selection and use of security standards. The analysis of the alignment gaps show that there is a need to bring in the users view on business requirements in IS, or rather what they need to be allowed to do - to be able to work efficiently.

  • 33.
    Niememaa, Maarko
    et al.
    Åbo University.
    Laaksonen, Anna Elina
    Tammerfors University of Technology.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Interpreting information security policy outcomes: a frames of reference perspective2013In: 46th Hawaii International Conference on System Sciences (HICSS), IEEE Communications Society, 2013, p. 4541-4550Conference paper (Refereed)
    Abstract [en]

    A major concern for IS managers is that information security policies seldom produce expected outcomes. Previously, scholars have studied motivations underlying non-conformance to policies and proposed approaches for motivating employees. However, the socio-cognitive aspects that shape employees' perceptions of the policies and implications for policy outcomes have received modest attention. This study draws on socio-cognitive concept of frames and on literature on information security policies to suggest a theoretical and analytical concept of Information Security Policy Frames of Reference (ISPFOR). The concept provides a sensitizing device to interpret how the frames influence organizational groups' perceptions of policies and the implications of the perceptions on policy outcomes. Three frame categories were uncovered through an interpretive case study at large multinational internet service provider. Findings suggest frames shape perceptions of policies and provide an explanation for unanticipated policy outcomes. Implications for research and practice are discussed.

  • 34.
    Padyab, Ali Mohammad
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Päivärinta, Tero
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Genre-Based Approach to Assessing Information and Knowledge Security Risks2015In: Transportation Systems and Engineering: Concepts, Methodologies, Tools, and Applications, Hershey, PA: IGI Global, 2015, p. 1237-1253Chapter in book (Refereed)
    Abstract [en]

    Contemporary methods for assessing information security risks have adopted mainly technical views on information and technology assets. Organizational dynamics of information management and knowledge sharing have gained less attention. This article outlines a new, genre-based, approach to information security risk assessment in order to orientate toward organization- and knowledge-centric identification and analysis of security risks. In order to operationalize the genre-based approach, we suggest the use of a genre-based analytical method for identifying organizational communication patterns through which organizational knowledge is shared. The genre-based method is then complemented with tasks and techniques from a textbook risk assessment method (OCTAVE Allegro). We discuss the initial experiences of three experienced information security professionals who tested the method. The article concludes with implications of the genre-based approach to analyzing information and knowledge security risks for future research and practice.

  • 35.
    Padyab, Ali Mohammad
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Päivärinta, Tero
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Genre-Based Approach to Assessing Information and Knowledge Security Risks2014In: International Journal of Knowledge Management, ISSN 1548-0666, E-ISSN 1548-0658, Vol. 10, no 2, p. 13-27, article id 2Article in journal (Refereed)
    Abstract [en]

    Contemporary methods for assessing information security risks have adopted mainly technical views on information and technology assets. Organizational dynamics of information management and knowledge sharing have gained less attention. This article outlines a new, genre-based, approach to information security risk assessment in order to orientate toward organization- and knowledge-centric identification and analysis of security risks. In order to operationalize the genre-based approach, we suggest the use of a genre-based analytical method for identifying organizational communication patterns through which organizational knowledge is shared. The genre-based method is then complemented with tasks and techniques from a textbook risk assessment method (OCTAVE Allegro). We discuss the initial experiences of three experienced information security professionals who tested the method. The article concludes with implications of the genre-based approach to analyzing information and knowledge security risks for future research and practice.

  • 36.
    Padyab, Ali Mohammad
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Päivärinta, Tero
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Genre-based assessment of information and knowledge security risks2014In: Proceedings of the Annual Hawaii International Conference on System Sciences, ISSN 1530-1605, p. 3442-3451, article id 6759030Article in journal (Refereed)
    Abstract [en]

    Contemporary methods for assessing information security risks have adopted mainly technical views on the information and technology assets. Organizational dynamics of information management and knowledge sharing have gained less attention. This article outlines how an information security risk assessment method can be elaborated using knowledge-centric analysis of information assets. For this purpose, we suggest the use of a genre-based analysis method for identifying organizational communication patterns, through which organizational knowledge is shared. Initial experiences of the method try-outs by three experienced information security professionals are discussed. The article concludes with a look at the implications of a genre-based analysis of knowledge assets for future research and practice.

  • 37.
    Thapa, Devinder
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering.
    Rethinking the information security risk practices: a critical social theory perspective2014In: Proceedings of the Annual Hawaii International Conference on System Sciences, ISSN 1530-1605, p. 3207-3214, article id 6758999Article in journal (Refereed)
    Abstract [en]

    There is a lack of theoretical understanding of information security risk practices. For example, the information security risks related literatures are dominated by instrumental approach to protect the information assets. This approach, however, often fails to acknowledge the ideologies and consequences of risks practices. In this paper, through critical analysis, we suggest various perspectives to advance the understanding in this regard. In doing so, we present our argument by reviewing the security risk literature using Habermas’s concept of four orientations: instrumental, strategic, communicative and discursive. The contribution of this paper is to develop conceptual clarity of the risk related ideologies and its consequences on emancipation.

  • 38.
    Thapa, Devinder
    et al.
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Harnesk, Dan
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Ståhlbröst, Anna
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Padyab, Ali Mohammad
    Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
    Make way for the new wave: Living Labs as a DSR Approach2014Conference paper (Refereed)
    Abstract [en]

    Living Lab (LL) has been used as a milieu as well as methodology for open innovation. However, the impression of living lab as a research methodology among academia is still blurring. The living lab carries many elements of design science re-search paradigm such as innovation, artifact, evaluation, design principles, etc. how-ever it still needs conceptual underpinning to proclaim it as a valid DSR methodology. The peculiarity of the living lab approach compare to existing DSR methodologies is its openness, co-creation, and evaluation of IT artifacts beyond organizational context. With the continual growth of open innovation platforms, the living lab as a DSR methodologies can play a supplementary role along with its other companion such as DS, AR, and ADR. In this regard, this paper will provide a conceptual clarity in estab-lishing the living lab as a DSR methodology in the context of open innovation and co-creation of IT artifact that goes beyond organizational setup.

1 - 38 of 38
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf