Understanding the Role of Information Technology for Organizational Control Design: Risk Control as New Control Mechanism [chapter]

Manuel Wiesche, Michael Schermann, Helmut Krcmar
2011 IFIP Advances in Information and Communication Technology  
Organizational control is one of the fundamental functions of management. Although controls come along with performance constraints, organizations rely on control mechanisms to direct attention, motivate, and encourage organizational members to act according to organizational goals and objectives. Managers build their decision on control design on the degree of knowledge about the value creation process and the predictability of the outcome. In this paper, we enhance a popular theoretical
more » ... ork for organizational control design by enclosing IT-enabled controls. We explore the framework empirically in a multiple case study on Governance, Risk management, and Compliance information systems (GRC IS), a popular new trend in organizational control design. Our findings provide evidence that ITenabled controls enable a new control mechanism, risk control, for situations with perfect knowledge about the transformation process and high ability to measure output. As research implication, we recommend an extension of organizational control theory to incorporate the effects of information technology on control design. As practical implication, we provide decision support for the selection of GRC controls, depending on situational factors and the expected value proposition. In sum, this research enhances the body of knowledge on organizational control design with a risk-based perspective.
doi:10.1007/978-3-642-24148-2_9 fatcat:r3quoqwzejbfhkyxaiew75hysy