Communications of the Association for Information Systems

Forthcoming Papers

Forthcoming papers have been accepted for publication at the Communications of the Association for Information Systems and are listed below in order of acceptance date. Copies of unedited manuscripts can either be obtained by clicking the manuscript title or contacting the corresponding authors listed below.

Note that the decision to provide a copy rests with the authors, not with the Communications of the Association for Information Systems.

The manuscripts listed here will undergo copyediting, typesetting, and review of the resulting proofs before they are published in their final form. During the production process errors may be discovered, which could affect the content. All legal disclaimers that apply to the Communications of the Association for Information Systems pertain. For a definitive version of the works listed here, please check for their appearance online at http://aisel.aisnet.org/cais/.

A Knowledge Development Perspective on Literature Reviews: Validation of a new Typology in the IS Field

Schryen, Guido (guido.schryen@uni-paderborn.de)


Literature reviews (LRs) play an important role in the development of domain knowledge in all fields. Yet, we observe a lack of insights into the activities with which LRs actually develop knowledge. To address this important gap, we (1) derive knowledge building activities from the extant literature on LRs, (2) suggest a knowledge-based typology of LRs that complements existing typologies, and (3) apply the suggested typology in an empirical study that explores how LRs with different goals and methodologies have contributed to knowledge development. The analysis of 240 LRs published in 40 renowned IS journals between 2000 and 2014 allows us to draw a detailed picture of knowledge development achieved by one of the most important genres in the IS field. An overarching contribution of our work is to unify extant conceptualizations of LRs by clarifying and illustrating how LRs apply different methodologies in a range of knowledge building activities to achieve their goals with respect to theory.

Responding to Cybersecurity Challenges: Securing Vulnerable U.S. Emergency Alert Systems

Green, Andrew (agreen57@kennesaw.edu)


U.S. emergency alert systems (EASs) are part of the nation's critical infrastructure. These systems are built on aging platforms and suffer from a fragmented interconnected network of partnerships. Some EASs have an easily identifiable vulnerability - their management website is available via the Internet. Authorities must secure these systems quickly. Other concerns exist, primarily the lack of policies for reporting vulnerabilities. To begin an assessment of U.S. EASs, we used Shodan to evaluate the availability of these websites in six southeastern states. We found 18 such websites that were accessible via the Internet, only requiring user credentials to login to the system. Next, we searched for published policies on the reporting of vulnerabilities; we found no vulnerability disclosure policies for any of the systems identified. To identify, prioritize, and address EAS vulnerabilities, we present a list of technical and management strategies to reduce cybersecurity threats. We recommend integrated policies and procedures at all levels of the public-private-government partnerships, along with system resilience, as lines of defense against cybersecurity threats. By implementing these strategies, U.S. EASs will be positioned to update critical infrastructure, notify groups of emergencies, and ensure the distribution of valid and reliable information to the populations at risk.

Evaluating Online Complex Technology-Enabled Course Delivery: A Contextualized View of a Decomposed IS Success Model

Zhao, Yu (Audrey) (yzhao3@lamar.edu)


This article focuses on understanding the factors that are likely to impact the success of online delivery of courses involving complex technologies. For this study, SAP software was selected as the complex technology that students learn online and, a course management software, such as Blackboard, provided the online platform through which an SAP-enabled course was delivered to students. System quality, information quality, and service quality were the antecedent variables that were hypothesized to influence students’ perceived learning outcomes, satisfaction, and intention to continue the use of online learning. Grounded on the information systems (IS) success model, core constructs were decomposed into contextual factors. We conducted a survey of business students from four mid-sized state universities in the United States. The universities were members of the SAP university alliances, and the students had taken at least one online SAP-enabled course. We used structural equation modeling with partial least squares (PLS-SEM) for the data analysis. The findings indicate that system quality, information quality, and service (instructor) quality are all significant antecedents of student satisfaction; system quality and information quality are significant antecedents of perceived learning outcomes; and only system quality is a significant antecedent of students’ continued intention to use online learning.

The Role of Decision Rationality on Users’ Attitudes towards Utilitarian Mobile Service Usage

Xitong, Guo (xitongguo@hit.edu.cn)


The use of mobile information and communication technologies (mICTs) for utilitarian service delivery has been emphasized in different industries. Firms need to understand how users make routine and unexpected use decisions in order for their utilitarian mobile services (UMSs) to gain market acceptance. This study empirically tests a theoretical model examining how both the affective attitude and the cognitive attitude influence both routine and unexpected use of UMSs as well as the role of decision rationality in the process. We tested our model using two independent empirical studies. The results show that the affective attitude has a stronger effect than the cognitive attitude on routine use, while the cognitive attitude has a stronger effect than the affective attitude on the unexpected use of UMSs. Furthermore, decision rationality weakens the effects of the affective attitude on both routine use and unexpected use but strengthens the effects of the cognitive attitude on the routine use of UMSs. Our results advance knowledge on: 1) users’ behaviors when they are engaged in UMSs; 2) the effects of attitude components at different levels of decision rationality, and 3) the underlying mechanism of the mixed findings regarding the effects of both the affective and cognitive attitudes. These findings also provide insights for practitioners on how to promote their services among consumers.

Digital Transformation of the Italian Public Administration: A Case Study

Datta, Pratim (pdatta@kent.edu)


This case study looks at the digital transformation of the Italian Public Administration. With 60 million people, 8,000 municipalities and 23,000 local administrations, this case of digital transformation highlights how a digital renaissance is a preface for innovative disruption challenges. The Digital Transformation case uses Italy as the backdrop and Team Digitale, a team of talented individuals embarked on building public administration efficiencies and rebooting Italy’s digital innovation footprint, as the protagonist. Digital transformation is rarely, if ever, a technical solution. Instead, digital transformation is a socio-technical and socio-political solution, especially in large and complex democracies or companies with diverse, contending stakeholders. In the process, the case surfaces best practices and challenges faced when trying to tackle a mega-project across an entire economy. The case offers digital transformation recommendations, generalizable across any global democracy. This case surfaces best practices and challenges faced when trying to tackle a mega-project across an entire economy. The case study sheds light on how, contrary to private organizations, institutionalizing a disruptive innovation in a diverse democracy requires thinking within and beyond the box. This case study tackles a more difficult transformation of public administration is a large and fragmented democracy (akin to a large and decentralized multinational company). Both executives and policy makers will find considerable value from this case.

Status Quo, Critical Reflection and Road Ahead of Digital Nudging in Information Systems Research - A Discussion with Markus Weinmann and Alexey Voinov

Meske, Christian (christian.meske@fu-berlin.de)


Research on Digital Nudging has become increasingly popular in the Information Systems (IS) community. This paper presents an overview of the current progress, a critical reflection and an outlook to further research regarding Digital Nudging in IS. For this purpose, we conducted a comprehensive literature review as well as an interview with Markus Weinmann from Rotterdam School of Management at Erasmus University, one of the first scholars who introduced Digital Nudging to the IS community, and Alexey Voinov, director of the Centre on Persuasive Systems for Wise Adaptive Living at University of Technology Sydney. The findings uncover a gap between what we know about what constitutes Digital Nudging and how consequent requirements can actually be put into practice. In this context, the original concept of Nudging bears inherent challenges, e.g. regarding the focus on the individuals’ welfare, which hence also apply to Digital Nudging. Moreover, we need a better understanding of how Nudging in digital choice environments differs from that in the offline world. To further distinguish itself from other disciplines that already tested various nudges in many different domains, Digital Nudging Research in IS may benefit from a strong Design Science perspective, going beyond the test of effectiveness and providing specific design principles for the different types of digital nudges.

Examining Exploitability Risk of Vulnerabilities: A Hazard Model

Roumani, Yaman (yamanroumani@oakland.edu)


With the increasing number and severity of security incidents and exploits, information technology (IT) vendors, security managers, and consumers are placing more emphasis on security. Yet, fixing the sheer volume of vulnerabilities remains a challenge as IT vendors race against attackers to evaluate system vulnerabilities, prioritize them, and issue security patches before being exploited. In this study, we posit that IT vendors can prioritize which vulnerabilities should be patched first by assessing their exploitability risk. Specifically, we identify the most likely vulnerabilities to be exploited using vulnerability-related attributes and vulnerability types. We employ survival analysis and test our models using historical data of vulnerabilities and exploits compiled between 2007 and 2016. Our results indicate that IT vendors benefit the most from fixing vulnerabilities that are remotely exploitable, have low complexity level, require no authentication, and affect confidentiality, integrity, and availability components. Furthermore, our findings suggest that IT vendors can mitigate the risk of exploit-related attacks by remedying code injection vulnerabilities followed by buffer overflow and numeric error vulnerabilities.

Design for Empowerment: Empowering Sri Lankan Farmers through Mobile-based Information System

Ginige, Tamara (t.ginige@gmail.com)


We have developed a Mobile-based Information System (MBIS) to empower users to improve their livelihood activities. First, we had to develop an empowerment framework, due to lack of one, that underpinned the development of the MBIS. This research originated to solve an agriculture over-production problem in Sri Lanka where farmers are trapped in a poverty cycle. They are unable to make informed decisions due to lack of access to timely, context-based actionable information to achieve a good revenue. Some essential information such as current level of production had to be generated in real-time by capturing farmers’ decisions such as what and how much to grow. This required active farmer engagement where farmers needed to be empowered through the MBIS to make informed decisions. The evaluation of the impact of the MBIS showed a statistically significant positive change in empowerment levels of farmers through measurement of self-efficacy, sense of control and motivation before and after use of the application. This mobile-based system has since been adopted in India and Sri Lanka by commercial organizations, in Africa to mitigate hidden hunger and in Australia to develop Digital Health applications to manage chronic diseases, indicating the wide adoptability of the approach.

Decision-Making Processes in Community-based Free/Libre Open Source Software Development Teams with Internal Governance: An Extension to Decision-Making Theory

Eseryel, U. Yeliz (yeliz@eseryel.com)


Community-based FLOSS teams with internal governance are an extreme example of distributed teams, prominent in software development. At the core of distributed team success is team decision-making and execution. However, in the case of FLOSS teams, the lack of formal organizational structures to guide practices and the reliance on asynchronous communication might be expected to make decision making problematic. Despite these challenges many FLOSS teams are effective. There is a paucity of research in how organizations make IS development decisions in general, and the research in FLOSS decision- making models is particularly limited. Decision-making literature in FLOSS teams has focused on the distribution of decision-making power. Therefore, it is not clear which decision-making theories fit the FLOSS context best, or whether novel decision-making models are required. We adopted a process-based perspective to analyze decision-making in five community-based FLOSS teams. We identified five different decision-making processes, indicating FLOSS teams use multiple processes when making decisions. Decision-making behaviors were stable across projects despite different type of knowledge required. We help fill the literature gap about which FLOSS decision mechanisms can be explained using classical decision-making theories. Practically, community and company leaders can use knowledge of these decision processes to develop infrastructure that fits FLOSS decision-making processes.

The Internet of Things: Multi-Faceted Research Perspectives

Shim, J.P. (jpshim@gsu.edu)


Living beyond the hype, the Internet of Things (IoT) continues to grow and has clearly emerged as a leading-edge topic in information systems. As the IoT moves beyond novel technologies and exploratory sandbox initiatives to ubiquitous technologies and full production, understanding the phenomenon surrounding IoT challenges and issues has become even more important. In this paper, we explore the critical issues and challenges currently facing IoT adoption and implementation with the goal of identifying areas in need of further study. Specifically, the paper discusses IoT from several key perspectives including IoT connectivity, platforms and 5G, IoT analytics, IoT privacy, security, and litigation risks, IoT business value and monetization, and human interaction with IoT and design considerations Finally, through identifying the current state of IoT and IoT research, the paper identifies potential areas of contribution and future directions for IoT research.

A Guide for Purposive Sampling on Twitter

Sibona, Christopher (sibonac@uncw.edu)


The primary goal of this article is to demonstrate how to use Twitter for conducting behavioral research and to guide researchers who might benefit from using this social media platform to effectively recruit survey participants. We begin by discussing the advantages of using Twitter for survey recruitment, including respondent anonymity, purposive sampling to find respondents who are engaged in a topic of interest, ability to reach respondents quickly to investigate ephemeral events, and advantages in replicating subject populations in recruitment. We offer a guide that illustrates the mechanics of using Twitter for subject recruitment and present a successful case study offering a real-world example of how this technique was used to recruit survey participants. We provide solutions for common issues researchers might encounter when using Twitter for subject recruitment, including nonresponse due to failure to deliver timely responses to tweets, initial unwillingness to participate, and appropriate screening of potential respondents based on their tweets.

The Next Wave of CRM Innovation: Implications for Research, Teaching and Practice – Panel Report of PACIS 2016

Lokuge, Sachithra (ksplokuge@gmail.com)


Globalization and the ever-changing needs of the customers have created a hyper-competitive market. As a result, customer relationship management (CRM) has become a core topic of interest among both practitioners and academics. Further, over the years, with the advancements in the technology landscape, such as the advent of digital technologies, CRM has improved in myriad ways. This article summarizes a panel discussion on CRM innovations held at the Pacific Asia Conference on Information Systems (PACIS 2016) in Chiyai, Taiwan, in 2016. The panel provided an understanding about fundamentals of CRM and how the traditional CRM systems work in organizations. Then, the panel focused on the advancement in technology landscape such as big data, analytics, internet-of-things and artificial intelligence and how such technologies have transformed innovations in the CRM landscape. Then lastly, the panel highlighted the limitations in the current CRM curricula in the universities and how such advancements need to be reflected in the modern curriculum to enhance the union between the CRM curricula and the industry needs. Further, this article provides future research ideas for academia and contributes to research interests on CRM in general.

When Programs Collide: A Panel Report on the Competing Interests of Analytics and Security

Young, Jacob A. (jayoung@bradley.edu)


The increasing demand for business analytics and cybersecurity professionals provides an exciting job outlook for graduates of information systems programs. However, the rapid proliferation of devices and systems that spurred this trend has created a challenging ethical dilemma for those responsible for educating future generations of information technology professionals. Many firms are collecting and storing as much data as possible in the hopes that technology might uncover useful insights in the future. This behavior results in an ever-increasing challenge for those charged with protecting organizational assets and exerts pressure on executives seeking an analytical edge to remain profitable in a hyper-competitive marketplace. With this dilemma in mind, a recent panel discussion at the 14th Annual Midwest Association for Information Systems Conference explored the delicate balance between unleashing the power of analytics and securing the sensitive data it consumes, while respecting consumer privacy. This paper reports on that discussion and its insights.

The Paradox of Choice: An Investigation of Android Malware Datasets Selection Strategies using Machine Learning Approach

Kumar, Naveen (nkchawla@uw.edu)


The rise in the usage of mobile devices utilizing the Android operating system attracts the attention of cyber-criminals wanting to disrupt or gain unauthorized access through malware infections. To stop the rising dominance of Android malware, cyber-security experts and researchers require datasets of malware samples which remain undetected by most available antivirus software. However, the identification of evolving Android malware characteristics from different sources has been less frequently discussed and need considerable attention. In this paper, we provide an in-depth analysis of a wide variety of Android malware datasets. Our main objective is to find out more discriminative features such as permissions and intents, and then apply machine learning techniques on collected samples of different datasets based on the similarity in the acquired features. We perform random sampling on each cluster of collected datasets to check the antivirus software’s capability to detect the sample. We also discuss some common pitfalls in dataset selection. Our findings benefit the firms by acting as an exhaustive source of information about the leading Android malware datasets.

The Interaction of Virtual Reality, Blockchain, and 5G New Radio: Disrupting Business and Society

French, Aaron M. (afrench@unm.edu)


The three cutting-edge technologies Virtual Reality, blockchain and 5G are continuously growing in public attention. Virtual reality was popularized in the 1990's but recent advances in technology and decrease costs have create a resurgence in the technology. With significant funding and early adoption, blockchain and 5G are both ready to make their mark on the world. Each of these technologies alone are primed to disrupt business and society but together they provide a multitude of opportunities waiting to be explored. A panel of IS researchers and industry practitioners tackled important topics related to the culmination of these technologies. This article summarizes the 2018 Association for Information Systems Americas Conference on Information Systems (AMCIS) panel session that makes the case for IS research that focuses on the intersection of these technologies. Each panelist presented their perspectives based on experience and knowledge along with current issues and future directions. This topic has significant business implications as practitioners continue to take notice of their advancements and develop strategies to adapt in a rapidly changing environment. The paper also present researcher perspectives and implications that will inform and describe opportunities for future research as these technologies continue to become more prevalent.

Semantic and Sentiment Dissonant Framing Effects on Online News Sharing

Yim, Dobin (dyim@loyola.edu)


The design of information artifacts incorporates cognitive elements to inform and entice users of relevant content. Sparse research has examined the cognitive design of information artifacts in the digital news platforms context. This study investigates how semantic and sentiment elements of information artifacts convey meaning and emotion to elicit the sharing of online news. We propose a dissonant framework and hypothesize that three dissonance dimensions, namely, semantic, textual sentiment, and visual sentiment dissonance, influence news sharing, anchoring to the central and peripheral routes of the elaboration likelihood model of persuasion. The hypotheses are tested using real-world data from 2013 to 2015 from Mashable- a popular digital news platform. Novel machine learning techniques are used to extract topics and sentiments from text and photos in the news articles. Findings from the econometric analysis support that textual sentiment and visual sentiment dissonance positively affect news sharing.

How Do Different Types of BA User Contribute to Business Value?

Tamm, Toomas (toomas.tamm@unsw.edu.au)


How do different types of business analytics (BA) user contribute to business value? To answer this question, we propose a new variance model, Organizational Benefits from Business Analytics Use (OBBAU), which is driven by insights into three key mechanisms through which two distinct types of BA user drive organizational benefits from BA, namely: (1) provision of advisory services by data scientists, (2) the use of BA tools by end -users, and (3) the participation of both data scientists and end users in the creation and enhancement of BA tools. The OBBAU builds on a thorough review of the BA and IS literatures, and interviews with 15 BA experts.

A Teaching Case on Information Systems Development Outsourcing: Lessons from a Failure

Nuwangi, Subasinghage Maduka (maduka.subasinghage@aut.ac.nz)


Students and academics rarely receive an opportunity to investigate and learn from failed projects, with many organizations restricting access to information about failed projects in order to minimize reputational damage (Chua & Lam, 2005). However, failure cases can provide unique insights that are often unexplored or ignored in the investigations of successful projects (Lyytinen & Robey, 1999). To facilitate this learning, we present a teaching case based on an outsourced information systems development project which commenced in 2010 and was terminated in 2013. The project failure is observed from the viewpoint of the vendor to illustrate how mis-specified requirements and the lack of a clear understanding of the client organization’s specific requirements could lead to project failures. We derived the case description and analyses by conducting seven interviews with project team members and by analyzing fourteen business requirement specification documents.

A Research Agenda for the Why, What, and How of Gamification Designs – Results on an ECIS 2019 Panel

Schöbel, Sofia (sofia.schoebel@uni-kassel.de)


This report summarizes the discussion in a panel session on gamification designs at the 2019 European Confer-ence on Information Systems in Stockholm, Sweden. The panel explores a research agenda for gamification de-sign. The “what, why, and how” are considered to analyze the current state of the art of gamification research. An adapted definition of gamification is presented as one outcome of the workshop to better describe what gamifica-tion is and what it can be used for. “Why” and “how” to employ gamification are discussed for different contexts. This can be used to gamify information systems, identity outcomes that are addressed by gamification concepts, and explore new ways of how to gamify. Overall, the panel presents new areas for future research and practice by identifying innovative ways to bring existing gamification concepts to a more impactful level.

An Integrated Model of Business Intelligence & Analytics Capabilities and Organizational Performance

Ramakrishnan, Thiagarajan (ram@pvamu.edu)


The transformational power of business intelligence and analytics (BI&A) in organizations can be leveraged through a holistic integration process. Contrary to this proposition, many organizations approach BI&A implementation as stand-alone, independent of organizational strategies, or with ad-hoc plans for an organization-wide change. From a research point of view, an integrated framework that can inform both academics and practice about the constituents of an adroit application of business intelligence and analytics capabilities in organizations remains a gap. This study asks the question that what significant BI&A capabilities are essential to creating value from BI&A for organizational performance? We conceptualize second-order constructs that are important for the BI&A value creation process: Innovation Infrastructure Capability, Customer Process Capability, B2B Process Capability, and Integration Capability. We propose that these higher-order BI&A capabilities influence organizational performance through the mediation effect of BI&A Effectiveness. We develop a questionnaire instrument and collect data from 154 firms in India. Partial Least Squares analysis provides broad support for our hypotheses. Our contributions include identifying and empirically assessing key BI&A Capabilities that directly impact an organization’s effectiveness of BI&A implementation.

Information Systems Development as Value Co-Creation

Kautz, Karlheinz (karlheinz.kautz@rmit.edu.au)


In this research we investigate information systems development (ISD) as value co-creation and how co-creation as an ISD approach is performed. For this purpose, we present a case study in a not-for-profit, intergovernmental environment of an ISD project of a digital game, which has the objective to raise attention concerning climate change. The project had limited resources and was performed with a number of youth utilizing a social media platform. Our study uses a taxonomic framework for Web-based co-creation, which originally was developed for a commercial context and has not been empirically validated before. Our study shows that the taxonomic framework also provides an in-depth comprehension of the project as value co-creation in a not-for-profit environment especially with regard to co-creators’ motivation and the types of value they created. We further discuss the findings of our study in reference to information systems (IS) literature on service innovation. This literature contributes to additional explanation and understanding what value co-creation is and how it can be performed as an instance of ISD practice. On this background, we offer some propositions for how future ISD research could benefit from adopting a value co-creation perspective. Although derived from a specific project in a particular setting we argue the two approaches combined can thus be used for (1) preparing any co-creation project (2) coping with co-creation during the development process by providing an understanding of co-creation as an approach to ISD; and (3) for after-the-fact reflection and understanding to derive some lessons learnt. While further empirical validation is needed for this claim we contribute to insight into co-creation in ISD with respect to participatory approaches to ISD beyond conventional environments, roles and types of participants and contributors.

Advancing Data Monetization and the Creation of Data-based Business Models

Rossi, Matti (matti.rossi@aalto.fi)


Although big data has been under discussion for years, research thus far has scarcely touched on directly selling and monetizing data assets. This aspect is of particular relevance given recent concerns about data privacy and security and the simultaneous explosion in the use of data for marketing and service-development purposes. In this paper we describe an empirical study on companies’ initiatives concerning the selling and monetization of data. We categorize the relevant business models based on the dimensions of their customer refinement and their scalability. The research reveals a number of constraints (organization type, business type, data characteristics, privacy, and security) that companies should address to move from the internal use of data and supporting existing customers to generating new business through selling data. Based on the findings, we propose for practitioners’ ways of benefiting from the data. For researchers, we provide directions for future studies that include developing strategies that foster compliance between companies’ aspirations and consumer and societal restrictions and facilitate data-based innovation and revenue generation.

Development and Measurement Validity of a Social Media Activity Instrument

Paul, Jomon A. (jpaul117@kennesaw.edu)


The potential impact of social media abetted by the exponential growth in the number of applications and platforms to engage online on social issues such as political discourse, social segregation, and academics has raised valid concerns among researchers. Availability of a valid instrument to measure an individual’s social media activity in facilitating a thorough investigation of these profound issues would be indispensable. We design, deploy, and validate a new survey instrument focused on social media activity. Our goal is to test the validity of the model from various perspectives (internal, construct, convergent, etc.) in the pursuit of creating a reliable instrument for researchers. A distinctive feature of this instrument is that it draws from the Theory of Planned Behavior and Social Identity theory, thereby providing a strong theoretical underpinning to dimensions of social media activity. Our results demonstrate our instrument to have reliability and discriminant validity.