< back
Publications:
2006
Malinowski, J.; Hinz, D. (2006)
Diffusion of Helpdesk Systems – The Influence of Personal Networks on the Level of Adoption
In: The Tenth Pacific Asia Conference on Information Systems; Kuala Lumpur, Malaysia
Category: Proceedings
AbstractThe high importance of the availability of end user computing systems raises the need for effective and efficient helpdesk systems. However, research shows that the adoption and diffusion of such systems is surprisingly low. Classical approaches to deal with this problem solely focus on the system itself, especially by focusing on the quality of the helpdesk. But this neglects the fact, that problem solving often takes place in unofficial personal networks. This aspect gains importance due to the increasing relevance of team-based work structures. Motivated by this, we present a model of adoption of helpdesk system that considers the quality of personal networks as influencing factor for the level of adoption.
Reference No.: 2006-280
Hinz, D. (2006)
IT Risks: Definitions and Challenges
In: Global Information Technology Management Association; Orlando, Florida
Category: Proceedings [Password Protected Download] (Please contact the author)
AbstractRisks and especially information technology (IT) risks are hotly debated today in practice, furthermore many theories have evolved around this term. And also in IT management and IT controlling perspectives on risk, especially security, emerged. Surprisingly no dominant definition has emerged yet and consequently not one single classification or structure for the various kinds of risk exists. This paper tries to give a more concise definition and shows that the management of IT risks is not just a current hype but is of the utmost importance, especially to avoid and mitigate the effects of high impact events. A research agenda to address this important topic is proposed at the end of the paper.
Reference No.: 2006-63
Hinz, D. (2006)
Software Risk Mitigation through Web Services
In: 2006 IRMA International Conference; Washington
Category: Proceedings
AbstractWeb services are praised by research and practitioners as a powerful device to integrate business processes even across firm boundaries. But sometimes even apparently simple operations are not ideally suited to be implemented by web services. This paper employs a case example to explain potential business factors that can restrain web services from unfolding their full potential. Based on a simple causal model for software risk this paper then analyzes why web services should be preferably employed even in untypical usage scenarios to capture additional benefits from improved software risk mitigation.
Reference No.: 2006-6
Hinz, D.; Gewald, H. (2006)
The Next Wave in IT Infrastructure Risk Management - A Causal Modeling Approach with Bayesian Belief Networks
In: 2006 IRMA International Conference; Washington
Category: Proceedings
AbstractThe management of risks associated with information technology (IT) infrastructure becomes increasingly important, as companies may face severe negative outcomes in case of failures. This paper proposes a new approach to manage IT infrastructure risks even in highly dynamic environments. Currently, IT infrastructure and its risks are managed based on historical loss data, which allows very precise forecasts for potential risks in stable environments. However, for the increasing number of firms facing dynamic environments like outsourcing or merger scenarios, historical data is not an adequate estimator for future events. Therefore, the next wave in IT infrastructure risk management has to employ more adaptive strate-gies. Based on an ongoing case study with two leading IT consultancies and an international service enterprise, this paper demonstrates, how causal modeling with Bayesian Belief Networks enables the prediction and, most important, the proactive management of IT infrastructure risks.
Reference No.: 2006-5
Hinz, D.; Malinowski, J. (2006)
Assessing the Risks of IT Infrastructure – A Personal Network Perspective
In: 39th Hawaii International Conference on System Sciences; Hawaii
Category: Proceedings [Password Protected Download] (Please contact the author)
AbstractThis paper adds the aspect of problem solving in personal networks to an existing risk assessment model of end-user computing technology. Due to various reasons, information technology (IT) risk assessment for end-user computing systems like desktop computers is gaining importance, especially the availability of these systems. Users are a vital part of these systems, and any user incident renders the system unavailable until the incident is resolved. Classical approaches only consider measurable user incidents. However, this neglects the fact, that a lot of problem solving takes place in unofficial personal networks. Based on expert interviews, we present an approach that integrates personal network characteristics into a causal model for risk assessment and give an outlook to further research.
Reference No.: 2006-4
Blumenberg, S.; Hinz, D. (2006)
Enhancing the Prognostic Power of IT Balanced Scorecards (Best Paper Nomination)
In: 39th Hawaii International Conference on System Sciences; Hawaii
Category: Proceedings [Password Protected Download] (Please contact the author)
AbstractBalanced Scorecard (BSC) is one of the most important and widely adopted performance measurement methods, and especially its recently evolving usage for IT governance makes it an attractive tool to measure and evaluate IT contribution to firm performance. Integral parts are corporate causality relationships that are modeled within the BSC. Surprisingly, these causalities within the Balanced Scorecard approach are neither thoroughly introduced in theory nor applied in practice in a sound way. In this paper, an integrated approach is developed which addresses both challenges. It is shown how causal modeling employing Bayesian Belief Networks can be used to improve Balanced Scorecard methodology and to support organizations in introducing a Balanced Scorecard. The integration allows for an a priori validation of causalities with significantly reduced effort in validity maintenance and results in better prediction of value chain figures and enhanced corporate learning.
Reference No.: 2006-3
2005
Blumenberg, S.; Hinz, D. (2005)
Management Communication of Complex Risk Assessment
In: EFL Quarterly 3/2005; Frankfurt am Main
Category: Other publications
Reference No.: 2005-247
Hinz, D. (2005)
High Severity Information Technology Risks in Finance
In: Proceedings of the 38th Hawaiian International Conference on System Sciences (HICSS-38); Hilton Waikoloa Village, Big Island, Hawaii
Category: Proceedings [Password Protected Download] (Please contact the author)
AbstractFinancial institutions are part of the backbone of modern nations in the same way electrical power grids and trans-portation infrastructures are. Therefore, breakdowns of single banks or whole financial centers could have a mas-sive impact not only on the affected banks but also on the entire economy (systemic risk). As financial institutions rely heavily on information technology (IT), this is one of their major risk categories. Despite its importance, the research on identifying and mitigating the operational risks associated with IT is still quite immature in theory and in practice, leaving managers without sound decision support. Based on an overview of relevant threats and their possible impacts, this paper derives requirements for a sound decision support system supporting operational risk management in IT.
Reference No.: 2005-13
Gewald, H.; Hinz, D. (2004)
A Framework for Classifying the Operational Risks of Outsourcing
In: Proceedings of the Eighth Pacific-Asia Conference on Information System (PACIS); Shanghai
Category: Proceedings [Password Protected Download] (Please contact the author)
AbstractOperational risk and outsourcing are two major topics on today's agenda of top executives, especially in the banking industry. This paper introduces a framework to classify operational risk in outsourcing in a way that generates quantifiable output for measurement purposes. The authors developed a matrix system that deploys a catalogue of sources of risk and a mu-tually exclusive yet exhaustive system of measurable impact areas. It is shown that this framework adds to the understanding of operational risk as its application enhances trans-parency through the transformation of often vague risk descriptions to quantifiable risk indi-cators. An overview of the current IS literature on risks in outsourcing combined with a criti-cal assessments of deficiencies for transparent risk classification serves as a input for the classification process.
Reference No.: 2004-68
Presentations:
2006
| 11. June |
Hinz, D. IT Risks: Definitions and Challenges In: Global Information Technology Management Association; Orlando, Florida AbstractRisks and especially information technology (IT) risks are hotly debated today in practice, furthermore many theories have evolved around this term. And also in IT management and IT controlling perspectives on risk, especially security, emerged. Surprisingly no dominant definition has emerged yet and consequently not one single classification or structure for the various kinds of risk exists. This paper tries to give a more concise definition and shows that the management of IT risks is not just a current hype but is of the utmost importance, especially to avoid and mitigate the effects of high impact events. A research agenda to address this important topic is proposed at the end of the paper.
|
| 21. May |
Hinz, D. The Next Wave in IT Infrastructure Risk Management - A Causal Modeling Approach with Bayesian Belief Networks In: 2006 IRMA International Conference; Washington, D.C. |
| 21. May |
Hinz, D. Software Risk Mitigation through Web Services In: 2006 IRMA International Conference; Washington, D.C. |
| 26. March |
Hinz, D.; Malinowski, J. Assessing the Risks of IT Infrastructure – A Personal Network Perspective In: IWI Forschungskolloquium 2006; Roßbach AbstractThis paper adds the aspect of problem solving in personal networks to an existing risk assessment model of end-user computing technology. Due to various reasons, information technology (IT) risk assessment for end-user computing systems like desktop computers is gaining importance, especially the availability of these systems. Users are a vital part of these systems, and any user incident renders the system unavailable until the incident is resolved. Classical approaches consider only measurable user incidents. This neglects the fact, that a lot of problem solving takes place in unofficial personal networks. Based on expert interviews, this paper presents an approach that integrates personal network characteristics into a causal model for risk assessment and gives an outlook to further research.
|
| 14. January |
Hinz, D. IT Risk Management - A Causal Modeling Approach for End-User Computing In: IWI Jour fixe; Frankfurt am Main AbstractDespite its importance, the research on the operational risks arising from information technology (IT) is still quite immature both in theory and in practice, leaving managers without sound decision support. Especially IT infrastructure worries managers and researchers alike. To improve the risk management process including assessment and communication, a model-driven approach with a strong focus on end-user computing is developed to manage IT risks even in highly dynamic environments like outsourcing or merger scenarios. Based on a case study with two leading IT consultancies and a global service enterprise utilizing incident data from over 30,000 computers, it is shown, that causal modeling with Bayesian Belief Networks (BBN) enables the assessment and, most important, the proactive management of IT infrastructure risks. To facilitate the communication of this sophisticated method, it can be seamlessly combined with the economic theory of Balanced Scorecard (BSC). At the same time, causal modeling employing BBNs can be used to improve Balanced Scorecard methodology. Special focus is given to the users as a vital part of end-user computing. Both theory and the company data indicate their importance, therefore personal network characteristics have been integrated to further improve the predictive power of the causal model. |
| 07. January |
Hinz, D.; Malinowski, J. Assessing the Risks of IT Infrastructure – A Personal Network Perspective In: 39th Hawaiian International Conference on System Sciences (HICSS-39); Hyatt Regency, Kauai, Hawaii AbstractThis paper adds the aspect of problem solving in personal networks to an existing risk assessment model of end-user computing technology. Due to various reasons, information technology (IT) risk assessment for end-user computing systems like desktop computers is gaining importance, especially the availability of these systems. Users are a vital part of these systems, and any user incident renders the system unavailable until the incident is resolved. Classical approaches consider only measurable user incidents. This neglects the fact, that a lot of problem solving takes place in unofficial personal networks. Based on expert interviews, this paper presents an approach that integrates personal network characteristics into a causal model for risk assessment and gives an outlook to further research. |
| 06. January |
Blumenberg, S.; Hinz, D. Enhancing the Prognostic Power of IT Balanced Scorecards with Bayesian Belief Networks (Best Paper Nomination) In: 39th Hawaiian International Conference on System Sciences (HICSS-39); Hyatt Regency, Kauai, Hawaii AbstractBalanced Scorecard (BSC) is one of the most important and widely adopted performance measurement methods, and especially its recently evolving usage for IT governance makes it an attractive tool to measure and evaluate IT contribution to firm performance. Integral parts are corporate causality relationships that are modeled within the BSC. Surprisingly, these causalities within the Balanced Scorecard approach are neither thoroughly introduced in theory nor applied in practice in a sound way. In this paper, an integrated approach is developed which addresses both challenges. It is shown how causal modeling employing Bayesian Belief Networks can be used to improve Balanced Scorecard methodology and to support organizations in introducing a Balanced Scorecard. The integration allows for an a priori validation of causalities with significantly reduced effort in validity maintenance and results in better prediction of value chain figures and enhanced corporate learning. |
2005
| 01. December |
Hinz, D. Risk Management for IT Infrastructure In: Australian Graduate School of Management; Sydney, Australia |
| 04. March |
Blumenberg, S.; Hinz, D. Managing Operational Risk with Balanced Scorecard In: IWI Forschungskolloqium 2005; Dannenfels |
| 05. January |
Hinz, D. High Severity Information Technology Risks in Finance In: 38th Hawaiian International Conference on System Sciences (HICSS-38); Hilton Waikoloa Village, Big Island, Hawaii AbstractFinancial institutions are part of the backbone of modern nations in the same way electrical power grids and trans-portation infrastructures are. Therefore, breakdowns of single banks or whole financial centers could have a mas-sive impact not only on the affected banks but also on the entire economy (systemic risk). As financial institutions rely heavily on information technology (IT), this is one of their major risk categories. Despite its importance, the research on identifying and mitigating the operational risks associated with IT is still quite immature in theory and in practice, leaving managers without sound decision support. Based on an overview of relevant threats and their possible impacts, this paper derives requirements for a sound decision support system supporting operational risk management in IT. |
2004
| 23. November |
Hinz, D. Operational Risk Management for IT Infrastructure In: IWI Jour fixe; Frankfurt am Main |
| 10. July |
Gewald, H.; Hinz, D. A Framework for Classifying the Operational Risks of Outsourcing In: Eighth Pacific-Asia Conference on Information System (PACIS); Shanghai |
