HOW DO ORGANIZATIONS LEARN FROM INFORMATION SYSTEM INCIDENTS? A SYNTHESIS OF THE PAST,PRESENT, AND FUTURE
成果类型:
Review
署名作者:
Mehrizi, Mohammad H. Rezazade; Nicolini, Davide; Modol, Joan Rodon
署名单位:
Vrije Universiteit Amsterdam; University of Warwick; Universitat Ramon Llull; Escuela Superior de Administracion y Direccion de Empresas (ESADE)
刊物名称:
MIS QUARTERLY
ISSN/ISSBN:
0276-7783
DOI:
10.25300/MISQ/2022/14305
发表日期:
2022
页码:
531-590
关键词:
security investments
software risk
management
time
KNOWLEDGE
IMPACT
FAILURE
project
prevention
FRAMEWORK
摘要:
This paper reviews the literature on how organizations learn from information system (IS)incidents. We identify three modes of learningdependingonthe practices that constitute the learning process, the specificactors whoplay roles inlearning, the temporal orientationof the learningpractices, andthe specificcontextual focusof the learning. The literature focuses primarily onlearning frompast experience todrawlessons for future incidents (reflective learningmode). Yet, agrowingstream of literature stresses theimportance of learningthroughengagement withpresent incidents (embeddedlearningmode), andafewstudies suggest that organizations can learnprospectively toprepare for future incidents (prospective learningmode). We argue that althoughthese three learningmodes are effective, they donot adequately explainhoworganizationslearnfrom ISincidents whenusedinisolation. Since ISincidents unfoldincreasingly as setsof interactingevents across informationsystems andorganizational settings, organizational learningneedstobe theorizedas aniterative process amongthese learningmodes. We synthesize these three learning modesintoanintegrative framework and theorize about their supportive andinhibitingrelations. We suggest some opportunities for future research, which would advance our understanding of how organizations learn from IS incidents
来源URL: