Umeå universitets logga

umu.sePublikationer
Ändra sökning
Länk till posten
Permanent länk

Direktlänk
Alternativa namn
Publikationer (10 of 17) Visa alla publikationer
Skog, D. A. & Öbrand, L. (2022). A Process Framework for Digital Transforming: Multilayered, Conjunctive and Cumulative Processes of Digital Materializing and Organizing. In: : . Paper presented at 4th Nordic Workshop on Digital Foundations of Business, Operations, Strategy and Innovation, Umeå, Sweden, February 10-11, 2022.
Öppna denna publikation i ny flik eller fönster >>A Process Framework for Digital Transforming: Multilayered, Conjunctive and Cumulative Processes of Digital Materializing and Organizing
2022 (Engelska)Konferensbidrag, Enbart muntlig presentation (Refereegranskat)
Nationell ämneskategori
Systemvetenskap, informationssystem och informatik med samhällsvetenskaplig inriktning
Identifikatorer
urn:nbn:se:umu:diva-192574 (URN)
Konferens
4th Nordic Workshop on Digital Foundations of Business, Operations, Strategy and Innovation, Umeå, Sweden, February 10-11, 2022
Tillgänglig från: 2022-02-17 Skapad: 2022-02-17 Senast uppdaterad: 2022-02-17Bibliografiskt granskad
Öbrand, L., Augustsson, N.-P., Mathiassen, L. & Holmström, J. (2019). The interstitiality of IT risk: an inquiry into information systems development practices. Information Systems Journal, 29(1), 97-118
Öppna denna publikation i ny flik eller fönster >>The interstitiality of IT risk: an inquiry into information systems development practices
2019 (Engelska)Ingår i: Information Systems Journal, ISSN 1350-1917, E-ISSN 1365-2575, Vol. 29, nr 1, s. 97-118Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

Information systems development (ISD) has been part of the core of information systems for over 40 years. Throughout its history, the issue of risk has been closely related to ISD projects, and significant efforts have been made by researchers and practitioners to improve their quality. While important headway has been made in assessing and resolving ISD risk, the literature shows that new and salient risks emerge outside the scope of extant risk management regimes. As a consequence, organizations still struggle with leveraging new tech- nology as projects continue to fail at almost the same rate, albeit for different reasons. Understood as the distinction between reality and possibility, risk is inherently intertwined with practice and rooted in the knowledge, goals, power, and values of specific actors in particular contexts. Hence, to understand how risks emerge, we present a longitudinal case study in which we trace the origin and locus of risks in contemporary ISD practices. We draw on these insights to theorize information technology risk as increasingly inter- stitial, originating from sources positioned in between established practices and therefore outside the scope of conventional risk anal- yses. In conclusion, we discuss interstitial risks as an important form of emergent risk with implications for both research and practice.

Ort, förlag, år, upplaga, sidor
John Wiley & Sons, 2019
Nyckelord
risk management, interstitiality, emergence, ISD
Nationell ämneskategori
Systemvetenskap, informationssystem och informatik med samhällsvetenskaplig inriktning
Identifikatorer
urn:nbn:se:umu:diva-154441 (URN)10.1111/isj.12178 (DOI)000452626400005 ()2-s2.0-85042562406 (Scopus ID)
Tillgänglig från: 2018-12-18 Skapad: 2018-12-18 Senast uppdaterad: 2019-09-05Bibliografiskt granskad
Skog, D. A. & Öbrand, L. (2019). What Materiality is not, Materializing is:  Theorizing the Role of Digital Technology in Process Studies. In: : . Paper presented at 11th International Process Symposium (PROS), Chania, Greece, June 19-22, 2019..
Öppna denna publikation i ny flik eller fönster >>What Materiality is not, Materializing is:  Theorizing the Role of Digital Technology in Process Studies
2019 (Engelska)Konferensbidrag, Enbart muntlig presentation (Övrigt vetenskapligt)
Nationell ämneskategori
Systemvetenskap, informationssystem och informatik
Identifikatorer
urn:nbn:se:umu:diva-159787 (URN)
Konferens
11th International Process Symposium (PROS), Chania, Greece, June 19-22, 2019.
Tillgänglig från: 2019-06-07 Skapad: 2019-06-07 Senast uppdaterad: 2019-06-13Bibliografiskt granskad
Öbrand, L., Holmström, J. & Mathiassen, L. (2018). Between a rock and a hard place: facing dilemmas in IT risk management. Journal of Information Technology Theory and Application, 19(3), 22-44
Öppna denna publikation i ny flik eller fönster >>Between a rock and a hard place: facing dilemmas in IT risk management
2018 (Engelska)Ingår i: Journal of Information Technology Theory and Application, ISSN 1552-6496, E-ISSN 1532-4516, Vol. 19, nr 3, s. 22-44Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

In this paper, we extend IT risk management theory using evidence gleaned from IT-enabled process management in a Swedish pulp and paper factory. Our analyses of risk management practices in the factory’s core process revealed surprising insights. As organizational actors managed process related IT risks to ensure that the core production process was running 24/7, they generated strategic IT risks that threatened the sustainability of the process infrastructure. However, they could not manage these strategic risks without jeopardizing the 24/7 operation. Hence, they inadvertently found themselves between a rock and a hard place where they could not mitigate one high priority risk without generating another. Drawing on practice theory, we explain the observed risk management practices, introduce the notion of risk dilemmas, and discuss the practice-based view of risk as a useful approach to advancing IT risk management theory.

Ort, förlag, år, upplaga, sidor
Association for Information Systems, 2018
Nyckelord
Risk, Risk Management, Practice Theory, Information Technology
Nationell ämneskategori
Systemvetenskap, informationssystem och informatik med samhällsvetenskaplig inriktning
Identifikatorer
urn:nbn:se:umu:diva-110659 (URN)
Anmärkning

Originally included in thesis in manuscript form

Tillgänglig från: 2015-10-26 Skapad: 2015-10-26 Senast uppdaterad: 2023-10-02Bibliografiskt granskad
Öbrand, L., Holmström, J. & Newman, M. (2018). Navigating Rumsfeld's quadrants: A performative perspective on IT risk management. Technology in society, 53, 1-8
Öppna denna publikation i ny flik eller fönster >>Navigating Rumsfeld's quadrants: A performative perspective on IT risk management
2018 (Engelska)Ingår i: Technology in society, ISSN 0160-791X, E-ISSN 1879-3274, Vol. 53, s. 1-8Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

In this paper, we contribute to risk management theory by investigating the internal dynamics of IT risks in contemporary organizations. We explore how digitization of previously physical organizational con- texts trigger risk by conceptualizing risk management from a performative perspective and the assumption that risks are sociomaterial by nature. Through an exploratory case study of the risk man- agement practices at a paper and pulp factory, we analyze the different epistemic strategies employed by the practitioners as proactive, reactive and adaptive. We discuss how and why these strategies emerge as a result of the sociomaterial configurations. 

Ort, förlag, år, upplaga, sidor
Elsevier, 2018
Nyckelord
Risk, Digital technologies, Practice, Case study
Nationell ämneskategori
Systemvetenskap, informationssystem och informatik med samhällsvetenskaplig inriktning
Forskningsämne
data- och systemvetenskap
Identifikatorer
urn:nbn:se:umu:diva-144195 (URN)10.1016/j.techsoc.2017.09.009 (DOI)000432467300001 ()2-s2.0-85032939103 (Scopus ID)
Tillgänglig från: 2018-01-25 Skapad: 2018-01-25 Senast uppdaterad: 2023-03-23Bibliografiskt granskad
Öbrand, L. (2015). Information infrastructure risk: perspectives, practices & technologies. (Doctoral dissertation). Umeå: Umeå universitet
Öppna denna publikation i ny flik eller fönster >>Information infrastructure risk: perspectives, practices & technologies
2015 (Engelska)Doktorsavhandling, sammanläggning (Övrigt vetenskapligt)
Abstract [en]

This dissertation investigates the nature and management of information infrastructure risks in organizations. Specifically, it examines how practitioners identify and manage threats towards their organizational aims, and suggests ways of achieving sustainable risk management, in settings characterized by the integration of information technology (IT) and organizational processes. The dissertation is motivated by the difficulties organizations encounter when attempting to leverage IT as an organizational resource and the observation that IT projects have high rates of failure despite three decades of research on and practice of risk management in Information Systems (IS). Three aspects of the underlying logic of existing research and practice on IS risk management are challenged: (1) the infrastructural character of IT is suggested to be consequential for organizational risk management, however not recognized by either IS research on risk or risk experts, (2) risk management is enacted within and across practices beyond the boundaries of formal risk management models, and subsequently, (3) risks are increasingly emergent rather than predictable. To investigate such risks and risk management processes the studies in the dissertation build on information infrastructure theory and practice theory and a qualitative approach.

As the role of IT in organizations has changed significantly over the last decades, so has both practice and research concerned with IT related risks. Research on risk in the field of IS has thus come to encompass a large variety of levels of analysis, risk levels and dimensions, organizational processes and research approaches. An analysis of the extant literature shows that despite this richness, it still does not account, or offer support, for situations characterized by a high degree of uncertainty and equivocality. In these kinds of situations, risks are typically emergent and cannot be identified or managed by the prescriptions found within the IS discourse. However, emergence has long been recognized as a characteristic of the organizational consequences of information technology. Paradoxically, while most IS scholars would recognize the socio-technical, or even sociomaterial, nature of IT, it has had little impact on research on risk in our field.

A key argument in this dissertation is that theories of technology and organizational change within IS are equally valid for practice and research on IT related risk and risk management. Information infrastructure theory has been influential in improving our understanding of the changing nature and role of contemporary IT in organizational processes. It highlights the infrastructural character of IT, technological agency, and the entanglement of IT and organizational practices. Grounded in information infrastructure theory, this dissertation examines how practitioners identify, assess, prioritize and resolve risk in their everyday organizational practices. While risk has been used as a concept to characterize the underlying logic of information infrastructure evolution, scant attention has been paid to the particularities of risk emergence and operational risk management practices. As such, existing IS research on risk management explains why risk emerges but not how. The notion of practice has recently gained momentum in the IS field for its usefulness as an analytical lens in approaching complex, dynamic and emergent phenomena, and it is reflective of information infrastructure theory in its fundamental ontological and epistemological assumptions. All of the papers included in this dissertation build, to varying degrees, on information infrastructure theory and a practice approach.

The dissertation contributes new knowledge to research on information infrastructure risk and risk management in IS by theorizing information infrastructure risk as emergent, interstitial, and rooted in practice and sociomaterial contexts.

Ort, förlag, år, upplaga, sidor
Umeå: Umeå universitet, 2015. s. 77
Serie
Research reports in informatics, ISSN 1401-4572 ; 15.02
Nyckelord
Risk, risk management, practice research, information infrastructure theory
Nationell ämneskategori
Systemvetenskap, informationssystem och informatik med samhällsvetenskaplig inriktning
Identifikatorer
urn:nbn:se:umu:diva-110665 (URN)978-91-7601-340-3 (ISBN)
Disputation
2015-11-18, MIT-huset, sal MA121, Umeå universitet, Umeå, 13:00 (Engelska)
Opponent
Handledare
Tillgänglig från: 2015-10-28 Skapad: 2015-10-26 Senast uppdaterad: 2018-06-07Bibliografiskt granskad
Öbrand, L. & Holmström, J. (2013). Recalcitrant technologies and unfolding ontologies: exploring the emergent character of IT risks and epistemic strategies in IT risk management. In: : . Paper presented at The 29th European Group for Organization Studies (EGOS) Colloquium, Montreal, July 4-6, 2013.
Öppna denna publikation i ny flik eller fönster >>Recalcitrant technologies and unfolding ontologies: exploring the emergent character of IT risks and epistemic strategies in IT risk management
2013 (Engelska)Konferensbidrag, Enbart muntlig presentation (Övrigt vetenskapligt)
Nationell ämneskategori
Systemvetenskap, informationssystem och informatik med samhällsvetenskaplig inriktning
Identifikatorer
urn:nbn:se:umu:diva-88265 (URN)
Konferens
The 29th European Group for Organization Studies (EGOS) Colloquium, Montreal, July 4-6, 2013
Tillgänglig från: 2014-04-29 Skapad: 2014-04-29 Senast uppdaterad: 2019-05-08Bibliografiskt granskad
Öbrand, L., Augustsson, N.-P., Holmström, J. & Mathiassen, L. (2012). The Emergence of Information Infrastructure Risk Management in IT Services. In: Ralph H. Sprague, Jr. (Ed.), Proceedings of 45th Annual Hawaii International Conference of Systems Science (HICSS): . Paper presented at 45th Hawaii International Conference on Systems Sciences (HICSS), Maui, Hawaii, January 4-7, 2012 (pp. 4904-4913). Los Alamitos: IEEE Computer Society
Öppna denna publikation i ny flik eller fönster >>The Emergence of Information Infrastructure Risk Management in IT Services
2012 (Engelska)Ingår i: Proceedings of 45th Annual Hawaii International Conference of Systems Science (HICSS) / [ed] Ralph H. Sprague, Jr., Los Alamitos: IEEE Computer Society, 2012, s. 4904-4913Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Failure to understand, identify, and manage risk is often cited as a major cause of IT problems. While the project is the preferred level of analysis in most IT risk management research, IT is becoming increasingly infrastructural, and there is therefore a need to adapt risk strategies beyond the project level. In this paper, we explore how risk management practices in a successful IT service provider group emerged over time as the group coped with infrastructural dynamics and complexities. Drawing on Orlikowski's practice lens, we investigate actual practices and possible options related to risk management as rapid technological and organizational changes resulted in increased infrastructure management challenges for the IT service provider. Our research contributes to the IT risk management literature by applying risk theory to service management in the infrastructural domain and by moving beyond the project as level of analysis.

Ort, förlag, år, upplaga, sidor
Los Alamitos: IEEE Computer Society, 2012
Nationell ämneskategori
Systemvetenskap, informationssystem och informatik med samhällsvetenskaplig inriktning
Identifikatorer
urn:nbn:se:umu:diva-52975 (URN)10.1109/HICSS.2012.565 (DOI)2-s2.0-84857971554 (Scopus ID)978-0-7695-4525-7 (ISBN)978-1-4577-1925-7 (ISBN)
Konferens
45th Hawaii International Conference on Systems Sciences (HICSS), Maui, Hawaii, January 4-7, 2012
Anmärkning

INSPEC Accession Number: 12540848

Tillgänglig från: 2012-04-02 Skapad: 2012-03-08 Senast uppdaterad: 2024-01-03Bibliografiskt granskad
Rönnbäck, L. & Holmström, J. (2011). A Case Against the Checklist Approach: Exploring Epistemic Strategies in IT Risk Management. Paper presented at Nordic Academy of Management Conference, August 20-24 2011, School of Business, Stockholm University, Stockholm.
Öppna denna publikation i ny flik eller fönster >>A Case Against the Checklist Approach: Exploring Epistemic Strategies in IT Risk Management
2011 (Engelska)Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Practice-based perspectives in information systems have established how, in instances of information technology use, the user exercises considerable discretion in their appropriation of the technology with local workarounds and situated improvisations. Today, information systems research has a considerable stock of cases demonstrating the malleability of technology. We analyse the question, not pursued with much energy to date within practice-based perspectives, of how risk management practices in IT-enabled process management are enacted. Research on IT risk has over the last decades produced a number of frameworks and checklists to identify and manage risk, allowing for a proactive approach to e.g. IT development projects. Still, IT-projects fail more often than not and even the most proficient managers have difficulty in managing IT as an organizational resource. This paper introduces a framework for the analysis of software risk as knowledge systems (Holzner & Marx, 1979) composed of a set of knowledge processes, as they are enacted in the context of software risk management: reactive, proactive and adaptive IT risk management. We position ourselves in line with works that take a practice-based approach on knowledge and learning (Lave and Wenger, 1991; Wenger, 2000), which emphasise how knowledge is local, social, situated and closely linked to practice. However, another central premise behind our framework is that knowledge is not only local and situated, but also linked to larger established 'systems of knowledge'. This may imply that knowledge generation does not happen freely, but is highly contingent on the context in which knowledge generation is situated. In order to manage risk in the increasingly dynamic environment of organizational life, we argue that adaptive IT risk management provides organizations with a more powerful approach than we find in the reactive and proactive approach to IT risk management.

Nationell ämneskategori
Systemvetenskap, informationssystem och informatik med samhällsvetenskaplig inriktning
Identifikatorer
urn:nbn:se:umu:diva-52976 (URN)
Konferens
Nordic Academy of Management Conference, August 20-24 2011, School of Business, Stockholm University, Stockholm
Tillgänglig från: 2012-03-30 Skapad: 2012-03-08 Senast uppdaterad: 2018-06-08Bibliografiskt granskad
Rönnbäck, L. (2010). The crux of integration: exploring infrastructure evolution in the process industry. In: Jonny Holmström; Mikael Wiberg; Andreas Lund (Ed.), Industrial informatics design, use and innovation: perspectives and services (pp. 73-84). Hershey: IGI Global
Öppna denna publikation i ny flik eller fönster >>The crux of integration: exploring infrastructure evolution in the process industry
2010 (Engelska)Ingår i: Industrial informatics design, use and innovation: perspectives and services / [ed] Jonny Holmström; Mikael Wiberg; Andreas Lund, Hershey: IGI Global, 2010, s. 73-84Kapitel i bok, del av antologi (Övrigt vetenskapligt)
Abstract [en]

The purpose of this chapter is to identify and explore critical challenges for the process industry in IT infrastructure integration and adaptation. The authors identify four critical challenges in the integration and adaption of IT infrastructure in the process industry: integration as an ongoing process; maintaining stability in the installed base; locking the right stuff in; and balancing user value, continuity of production and compatibility. Given the centrality of IT infrastructure in today's process industries the importance of dealing with these challenges must be emphasized. The four challenges identified in this study are of such a complexity they can only lend themselves to the evolutionary strategy. Such a strategy is in concert with the sensibility towards risk the authors find in the paper industry.

Ort, förlag, år, upplaga, sidor
Hershey: IGI Global, 2010
Nyckelord
Manufacturing Process- Information Services, Production Engineering - Data Processing, Computer integrated manufacturing systems, Management information systems
Nationell ämneskategori
Systemvetenskap, informationssystem och informatik Systemvetenskap, informationssystem och informatik med samhällsvetenskaplig inriktning
Identifikatorer
urn:nbn:se:umu:diva-38464 (URN)10.4018/978-1-61520-692-6.ch007 (DOI)2-s2.0-84899225509 (Scopus ID)9781615206926 (ISBN)9781616923143 (ISBN)9781615206933 (ISBN)
Tillgänglig från: 2010-12-20 Skapad: 2010-12-15 Senast uppdaterad: 2023-05-22Bibliografiskt granskad
Organisationer
Identifikatorer
ORCID-id: ORCID iD iconorcid.org/0000-0003-2573-5786

Sök vidare i DiVA

Visa alla publikationer