Rethinking the concept of user involvement
MIS Quarterly
Explaining the role of user participation in information system use
Management Science
The IS risk analysis based on a business model
Information and Management
Beyond accuracy: what data quality means to data consumers
Journal of Management Information Systems
Hi-index | 0.00 |
User participation is essential to identifying information security risks in routine business processes because it is the business users who possess detailed knowledge of business processes. This research develops a theory of the consultative form of user participation that emphasizes the cognitive benefits of user participation. In consultative participation, designated users acting as subject matter experts with detailed knowledge of specific business processes participate in a risk analysis to identify information security vulnerabilities. It is expected that previously unknown information risks will be identified, thereby increasing the quality of information used for information risk management. Knowledge of identified risks is expected to be transferred among peers (e.g., other users) or other participant groups (e.g., IT), which is expected to ultimately lead to improved information security through enhanced policies and procedures.