Merrill Warkentin

Past, present, and future of decision support technology

Since the early 1970s, decision support systems (DSS) technology and applications have evolved significantly. Many technological and organizational developments have exerted an impact on this evolution. DSS once utilized more limited database, modeling, and user interface functionality, but technological innovations have enabled far more powerful DSS functionality. DSS once supported individual decision-makers, but later DSS technologies were applied to workgroups or teams, especially virtual teams. The advent of the Web has enabled inter-organizational decision support systems, and has given rise to numerous new applications of existing technology as well as many new decision support technologies themselves. It seems likely that mobile tools, mobile e-services, and wireless Internet protocols will mark the next major set of developments in DSS. This paper discusses the evolution of DSS technologies and issues related to DSS definition, application, and impact. It then presents four powerful decision support tools, including data warehouses, OLAP, data mining, and Web-based DSS. Issues in the field of collaborative support systems and virtual teams are presented. This paper also describes the state of the art of optimization-based decision support and active decision support for the next millennium. Finally, some implications for the future of the field are discussed.

Encouraging Citizen Adoption of E-Government by Building Trust

A b s t r a c t The growing interest in e-Government raises the question of how governments can increase citizen adoption and usage of their online government services. e-Government becomes especially important given its potential to reduce costs and improve service compared with alternative traditional modes. Citizen trust is proposed to be an important catalyst of e-Government adoption. By investigating online tax services, already available and used extensively in the West, we propose several ways in which governments can increase citizen trust and thus encourage the adoption of this new and potentially significant mode of government service. The proposed e-Government adoption model also takes in account issues of cultural variables, risk, control and technology acceptance. Institution-based trust, such as an independent judicial system with appropriate legal powers, is proposed to be the major tactic to build trust in e-Government. In addition, among new users of online government services, characteristic-based and cognitive-based antecedents should be crucial; general psychological dispositions and knowledge of the process should also engender trust. Among experienced users, on the other hand, it is suggested that the nature of previous interactions with the e-Government system should be the major predictor of trust, and hence of continued use. These propositions are elucidated, as they apply to different cultures and to highintrusive versus low-intrusive government services. This study has practical implications for the design of mechanisms for the adoption of e-Government.

Fear appeals and information security behaviors: an empirical study

Information technology executives strive to align the actions of end users with the desired security posture of management and of the firm through persuasive communication. In many cases, some element of fear is incorporated within these communications. However, within the context of computer security and information assurance, it is not yet clear how these fear-inducing arguments, known as fear appeals, will ultimately impact the actions of end users. The purpose of this study is to investigate the influence of fear appeals on the compliance of end users with recommendations to enact specific individual computer security actions toward the mitigation of threats. An examination was performed that culminated in the development and testing of a conceptual model representing an infusion of technology adoption and fear appeal theories. Results of the study suggest that fear appeals do impact end user behavioral intentions to comply with recommended individual acts of security, but the impact is not uniform across all end users. It is determined in part by perceptions of self-efficacy, response efficacy, threat severity, and social influence. The findings of this research contribute to information systems security research, human-computer interaction, and organizational communication by revealing a new paradigm in which IT users form perceptions of the technology, not on the basis of performance gains, but on the basis of utility for threat mitigation.

Future directions for behavioral information security research

Information Security (InfoSec) research is far reaching and includes many approaches to deal with protecting and mitigating threats to the information assets and technical resources available within computer based systems. Although a predominant weakness in properly securing information assets is the individual user within an organization, much of the focus of extant security research is on technical issues. The purpose of this paper is to highlight future directions for Behavioral InfoSec research, which is a newer, growing area of research. The ensuing paper presents information about challenges currently faced and future directions that Behavioral InfoSec researchers should explore. These areas include separating insider deviant behavior from insider misbehavior, approaches to understanding hackers, improving information security compliance, cross-cultural Behavioral InfoSec research, and data collection and measurement issues in Behavioral InfoSec research.

Training to improve virtual team communication

Abstract. Organizations are utilizing virtual teams, comprising workgroup members who communicate and collaborate with technology, to accomplish tasks. These teams are geographically distributed and communicate via computer‐mediated communication systems (CMCS), and may never or rarely meet face‐to‐face. Relational links among team members have been found to be a significant contributor to the effectiveness of information exchange in the use of CMCS. In most cases, team members receive little or no training to improve the effectiveness of this form of communication. When training is used, it often focuses on software utilization skills, not on interpersonal communication dynamics. This paper discusses the effect of virtual team communication training on group interactions, especially for enhancing these relational links and thereby improving communication and information exchange in virtual teams. It was found that teams that were given appropriate training exhibited improved perceptions of the interaction process over time, specifically with regard to trust, commitment and frank expression between members. Discussion of the role of training on virtual team processes and outcomes is discussed and future research implications are presented.

Behavioral and policy issues in information systems security: the insider threat

Modern global economic and political conditions, technological infrastructure, and socio-cultural developments all contribute to an increasingly turbulent and dynamic environment for organizations, which maintain information systems (IS) for use in business, government, and other domains. As our institutions (economic, political, military, legal, social) become increasingly global and inter-connected; as we rely more on automated control systems to provide us with energy and services; and as we establish internet-based mechanisms for coordinating this global interaction, we introduce greater vulnerability to our systems and processes. This increased dependence on cyberspace also inflates our vulnerability – isolation is no longer an option. Perhaps no aspect of this phenomenon is as alarming and challenging as the need to understand and address the various risks to the security of the IS on which we depend.

Beyond deterrence: an expanded view of employee computer abuse

Recent academic investigations of computer security policy violations have largely focused on nonmalicious noncompliance due to poor training, low employee motivation, weak affective commitment, or individual oversight. Established theoretical foundations applied to this domain have related to protection motivation, deterrence, planned behavior, self-efficacy, individual adoption factors, organizational commitment, and other individual cognitive factors. But another class of violation demands greater research emphasis: the intentional commission of computer security policy violation, or insider computer abuse. Whether motivated by greed, disgruntlement, or other psychological processes, this act has the greatest potential for loss and damage to the employer. We argue the focus must include not only the act and its immediate antecedents of intention (to commit computer abuse) and deterrence (of the crime), but also phenomena which temporally precede these areas. Specifically, we assert the need to consider the thought processes of the potential offender and how these are influenced by the organizational context, prior to deterrence. We believe the interplay between thought processes and this context may significantly impact the efficacy of IS security controls, specifically deterrence safeguards. Through this focus, we extend the Straub and Welke (1998) security action cycle framework and propose three areas worthy of empirical investigation--techniques of neutralization (rationalization), expressive/instrumental criminal motivations, and disgruntlement as a result of perceptions of organizational injustice--and propose questions for future research in these areas.

Issues in Mobile E-Commerce

Though many companies are still just beginning to grasp the potential uses and impacts of the Web and e-commerce, advances in technologies and their application continue. These advances often present various managerial and technological issues for individuals, companies, governments, and other entities. One significant area of technological advancement is the development of mobile e-commerce, which encompasses interactive business activities and processes related to a (potential) commercial transaction conducted through communications networks that interface with wireless devices. These systems provide the potential for organizations and users to perform various commerce-related tasks without regard to time and location (anytime from anywhere). This emerging mobile e-commerce environment presents a new set of issues. This paper identifies and categorizes some of these issues so that researchers, developers, and managers have a starting point for focusing their activities within the emerging m-commerce domain. Our examination finds categories that include technological (both client and infrastructure) issues, application issues, and areas for future research.

Cultural Diversity and Trust in IT Adoption: A Comparison of Potential e-Voters in the USA and South Africa

To trust means to have expectations about others’ (the trustees’) socially acceptable behavior. One of the central effects of this trust in the context of IT adoption is to increase the perceived usefulness (PU) of Information Technology (IT) associated with the trustee’s agency. One way of increasing this trust is through greater sociocultural similarity. Taking previous research into the realm of electronic voting, this paper posits that because trust is culture-dependent, it should decrease considerably as cultural diversity and differentiation increases. To investigate the role of trust in IT adoption in different cultures where dissimilar concepts of socially acceptable behavior exist, this study compares trust-related perceptions of an emerging IT (i.e., electronic voting) between the United States of America (USA) and the Republic of South Africa (RSA). More specifically, the question was addressed by comparing the unique circumstances of the cultural changes in the RSA with the more socially integrated mainstream USA culture. In both cultures, a perceived sociocultural similarity between the individual and the agency in charge of the electronic voting IT contributed to both the establishment of trust and to an increase in the perceived usefulness of the IT, supporting and extending the extrapolations of past propositions to this new realm. However, only in the USA did trust contribute to the PU of the IT. The results suggest that when cultural diversity is large, trust becomes of lesser importance, perhaps because it can no longer reduce social uncertainty. Implications for researchers and governmental voting agencies are discussed, and future research directions are proposed.

The influence of the informal social learning environment on information privacy policy compliance efficacy and intention

Throughout the world, sensitive personal information is now protected by regulatory requirements that have translated into significant new compliance oversight responsibilities for IT managers who have a legal mandate to ensure that individual employees are adequately prepared and motivated to observe policies and procedures designed to ensure compliance. This research project investigates the antecedents of information privacy policy compliance efficacy by individuals. Using Health Insurance Portability and Accountability Act compliance within the healthcare industry as a practical proxy for general organizational privacy policy compliance, the results of this survey of 234 healthcare professionals indicate that certain social conditions within the organizational setting (referred to as external cues and comprising situational support, verbal persuasion, and vicarious experience) contribute to an informal learning process. This process is distinct from the formal compliance training procedures and is shown to influence employee perceptions of efficacy to engage in compliance activities, which contributes to behavioural intention to comply with information privacy policies. Implications for managers and researchers are discussed.