Information Security Within

and Across Business

Networks

Security & Privacy

 

Chair(s):
Scott Dynes
Center for Digital Strategies
Dartmouth College
Tuck School of Business
Hanover, NH 03755

Lutz Kolbe
Competence Center Customer Management
University of St. Gallen
Institute of Information Management
Mueller-Friedberg-Strasse 8
CH-9000 St. Gallen
Switzerland

Ragnar Schierholz
ABB Schweiz AG, Corporate Research
Software Solutions and Processes
Segelhofstrasse 1K
CH-5405 Baden 5 Dättwil

Description:

Companies are increasingly collaborating horizontally and vertically by taking part in business networks, e.g. supply chains or out-/in-sourcing relationships. Information technology is increasingly the infrastructure used to integrate a firm's internal and external relationships, from internal email, data communication and process control (SCADA) capabilities to the management of relationships with external entities such as customers and suppliers, design and manufacturing partners. While the efficiencies enabled by the information infrastructure promises great benefits, this increasing reliance on information technologies raises new risks and much greater responsibilities from the standpoint of information security professionals at both firm and societal levels.
Therefore, this minitrack seeks to focus on the management challenges for information security that come with the increasing “disappearance of the network perimeter” of a firm engaging with suppliers, customers, allies and authorities.
This minitrack invites research concerning the identification and management of these risks at all levels, from end users to information security managers to policy makers. We encourage contributions – especially interdisciplinary ones - from both researchers and practitioners representing a broad spectrum of disciplines including economics, information systems, information management, and computer sciences.
Research papers, both qualitative and quantitative, as well as high quality case studies are welcome.

The mini-track will focus on:

  • Internal IT risk due to tight IT integration with business partners
  • Business process risk due to reliance on IT to integrate with business partners
  • The role of IT risk and information security in outsourcing deals
  • Policies that provide incentives for effective information security risk management
  • Control of flows of intellectual property, goods and data in supply chains
  • Societal risk resulting from interdependencies
  • # The protection of customer data at service providers in the financial sector or the treatment of security in service level agreements and other contracts.
  • Defining the relationship between IT risk and business risk
  • Creating metrics for information security both within your firm and across the extended enterprise
  • Influencing the information security posture of your business partners
  • How to implement and manage cross-company risk management

 

 

 AMCIS 2007 Colorado          http://www.biz.colostate.edu/amcis07/        Key Dates:

Paper Abstracts Due (optional) Monday, February 5, 2007
Papers Due:   Monday, March 5, 2007
Notification of Acceptance:   Monday, April 16, 2007
Camera Ready Copy Due:   Monday, April 30, 2007