Progress in IS Jan Devos Hendrik van Landeghem Dirk Deschoolmeester Editors Information Systems for Small and Medium-Sized Enterprises State of Art of IS Research in SMEs Progress in IS For furthervolumes: http://www.springer.com/series/10440 Jan Devos Hendrik van Landeghem • Dirk Deschoolmeester Editors Information Systems for Small and Medium-Sized Enterprises State of Art of IS Research in SMEs 123 Editors Jan Devos Hendrik vanLandeghem ELIT-Lab Industrial Management UniversityCollege West-Flanders Ghent University Kortrijk Ghent Belgium Belgium and Dirk Deschoolmeester Department of Management, Ghent University Innovation andEntrepreneurship Ghent Faculty ofEconomics and Business Belgium Administration Ghent University Ghent Belgium ISSN 2196-8705 ISSN 2196-8713 (electronic) ISBN 978-3-642-38243-7 ISBN 978-3-642-38244-4 (eBook) DOI 10.1007/978-3-642-38244-4 SpringerHeidelbergNewYorkDordrechtLondon LibraryofCongressControlNumber:2013948746 (cid:2)Springer-VerlagBerlinHeidelberg2014 Thisworkissubjecttocopyright.AllrightsarereservedbythePublisher,whetherthewholeorpartof the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,broadcasting,reproductiononmicrofilmsorinanyotherphysicalway,andtransmissionor informationstorageandretrieval,electronicadaptation,computersoftware,orbysimilarordissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purposeofbeingenteredandexecutedonacomputersystem,forexclusiveusebythepurchaserofthe work. Duplication of this publication or parts thereof is permitted only under the provisions of theCopyright Law of the Publisher’s location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the CopyrightClearanceCenter.ViolationsareliabletoprosecutionundertherespectiveCopyrightLaw. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publicationdoesnotimply,evenintheabsenceofaspecificstatement,thatsuchnamesareexempt fromtherelevantprotectivelawsandregulationsandthereforefreeforgeneraluse. While the advice and information in this book are believed to be true and accurate at the date of publication,neithertheauthorsnortheeditorsnorthepublishercanacceptanylegalresponsibilityfor anyerrorsoromissionsthatmaybemade.Thepublishermakesnowarranty,expressorimplied,with respecttothematerialcontainedherein. Printedonacid-freepaper SpringerispartofSpringerScience+BusinessMedia(www.springer.com) Foreword Thisbookpresentingarticlesofdiverseandvariednatureisofutmostimportance to help scholars and practitioners having also academic interests to analyse, interpret and support discussions about the real world of ICT and SMEs. In the seventies and eighties I saw major large-sized companies and organi- sations being confronted with a gradual penetration of computerisation efforts to support, with hopefully relevant data being of proper quality (information), and their administrative tasks occurring in a variety offunctional domains. The con- cernsthatmostoftenlarge-sizedinstitutions,buttosomeextentalsocompaniesor organisationsofmedium-sizethenhavewastobefocusedonquestionslikehowto organise—centraliseordecentralise—theirplanning,controlandexecutionwitha steadily growing IT/IS infrastructure. And thus supporting management and employees with timely, effective and efficient managerial and operational deci- sion-making and execution capabilities. From early research on, then emerging with bits and pieces, I learned that the volume of investments and recurrent costs madeinIT/IS,weremostoftenrelatedtothesheersizeoftheorganisation. More specifically,ownresearchtaughtmethatthesizeinemployment,morespecifically the number of white collar employees, was a measure for the volume and com- plexity of organisation’s administrative tasks (Debrabander et al. 1972). Thus the statistical relationship between IT-investments and costs seen over time and the number of white collar employees was found very relevant and the highest sig- nificancewasfoundbetweenallrelationshipshypothesisedaspotentiallyrelevant. Inotherwords,thesizevariableexpressedinnumbersofwhitecollaremployment, representing the volume, complexity and variabilityof the administrative tasks of an organisation was a major driver for investing in IT. So in this 1970–1980s perioditwasunderstandablethatSMEslogicallyweremorelaggardsthanearlyIT adopters. Once these more quantitative observations were made, the research agenda changed with new questions on quality, value and impact on organisational per- formanceofIT/ISefforts.Mostoftheseeffortshadtoberealisedbyveryengaged personnel having either a very technical IT education or a higher level education excluding on IS-aspects. So personnel lacking proper education for IT/IS in a business context, having also no sufficient experience in connecting and v vi Foreword integrating IT with business domains, were asked to develop IT applications for senior management. IT/IS-Capabilities for organisations were being developed from scratch with personnel not really having been properly educated for IT/IS. Ofcourseassignedprofessionalsweredoingtheirverybest,buttheupsideand downsiderisksweresohighthatmanyeffortsfornewISsystemsfailedtoalarge extent. A steady and fast introduction of newer information technologies were adding a constant risk to yield IT/IS-investments failures and thus organisational pain, misery and often annoying chaos. More automation was continuously breeding a excessive need for more and more automation while efforts continued alltoooftentoresultinillusionsandpromisesforobtainingstableresultsfromIT/ ISatsomedistantfuture.ThisgoodenoughculturearoundIT/ISefforts,especially when external service providers were involved, all too often created serious cla- shes due to misaligned or badly executed agreements about IT/IS products and services. Coping with angriness about failure and idle promises occasionally neededinvolvementoflegalcourt,lawyersandexpertsgivenaroleformediating and brokering the litigate case. These cases of IT failures usually showed that proper planning, evaluation ex-ante and more,especially trust between partners, was missing despite great expectations of managers to improve performance of theirorganisation.Itisthereforeunfortunatetorecognisethatmorerecentresearch showsthatsimilarstrugglingtoimproveintegrationandimpactofIT/ISforbetter performance of organisations might still be too frequently a lasting and trouble- someconcern(Poels2012).Andthissituationisclearlyworsewhenobservingand studying computerisation in SMEs. Indeed, SMEs do experience a series of more adverse conditions when selecting and implementing IT applications and infra- structure.Theygenerallylacksufficientresourcesandoftenarehamperedintheir efforts for attracting the internal and external high-skilled personnel or service providers with proper knowledge and experience in both the IT and business domains.Whileoutsourcingbecameachoiceforlargercompanies,forSMEsthis is the major option. They have to bring in external service providers, hopefully also knowledgeable in their business domain and models of operating. SME management being often seduced for sourcing on less stable products, also designed and introduced in a style of ‘bricolage’. Luckily also exceptions on this rather negative state exist. Indeed, there exists also a minority of visionary and knowledgeable SME-directors who succeed to bring their IT-efforts under ade- quatecontrol.Andwhounderstandhowtosucceedatreasonablecostsandefforts, withengagement oftheircollaborators,togradually workoutIT-investmentsthat help them to perform well. Thesetofarticlesinthisbookon‘‘ICTandSMEs’’isofcoursecomingtoolate for helping to avoid the many IT-failures of the past. But today in a context of social media and penetration of ubiquitous and omnipresent computing I would gladly saythisbookispublishedinduetime.Iwashonouredfortheinvitationto assist and help as a co-editor and I congratulate my co-editors and especially the initiatorofthiscontributedvolume,Dr.JanDevos,togetherwithalltheauthorshe Foreword vii couldreassembleonthesubject,becausetheycreatedastep-stoneforscholarsand practitioners who coach and advise SMEs to improve their capabilities to realise better conditions than earlier IT systems needed for quality decision-making and operations. Gent Belgium Prof emer Dr. ir Dirk Deschoolmeester Vlerick Business School Ghent University Gent, Belgium References Debrabander,B.,Deschoolmeester,D.,Leyder,R.,&Vanlomme,E.(1972).Effect oftaskvolumeandcomplexityuponcomputeruse.JournalofBusiness45(1), pp 56–84. Poels, G. (2012). International Conference on Research and Practical Issues of Enterprise Information, Enterprise information systems of the future 6th IFIP WG 8.9 Working Conference, CONFENIS, Ghent, Belgium, September 19–21, 2012, revised selected papers, Berlin, New York: Springer. Preface Small and Medium-Sized Enterprises (SMEs) constitute nowadays a major busi- nesssectorallovertheworld,coveringawidespectrumofindustries.Thenumber of SMEs far exceeds the number of large and very large organisations. SMEs contribute strongly to the GDP and even more to the growth in employment of most countries. In Europe, two-thirds of all new jobs are created by SMEs and more than 99 % of all enterprises are SMEs (Commission 2011a; Commission 2011b). Even today, the U.S. economy is by no means dominated by giant cor- porations. More than 99 % of all independent enterprises employ fewer than 500 employees (SBA 2011). These SMES account for 52 % of all U.S. workers. Similar numbers can be found for other developed as well as for developing countries all over the globe. SMEs contribute disproportionately to innovation, generating 13 times as many patents per employee as large companies do (Horn et al. 2012). Contradictorily, many SMEs struggle to survive and grow and they display limited productivity. In spite of being a key economic contributor in many countries, SMEs suffer from various challenges, often inherent, often induced by social, economic, geographical or cultural grounds or other reasons beyond their control. Although there are quite some factors contributing to low SME survival rates, one crucial factor that has been singled out is the (lack of) successful adoption and use of Information Technologies (IT). IT can be seen as an enabler for business growth,effective competition, andinnovation inSMEs (Higon 2012; Levyet al.2005).However,whenitcomestoITadoptionand use,SMEsarenot the best pupils in class as many studies have shown (Antlova 2009; Arbore et al. 2006;Sharma2009;Wielickietal.2010).SMEsoftenexpressareluctantvisionto ITadoptionwhichismainlybasedonalackofmanagerialITcapabilities.Thisis duetoorganisationalimmaturityandresultsinanasymmetricrelationshipwithIT suppliers dominating the arena (Devos et al. 2012). SMEs are vulnerable organ- isations with a shortage of expertise, resources and managerial maturity (Welsh et al. 1981). OntheotherhandweseethatinthefieldofISresearchmostempiricalworkis conducted in large organisations and SMEs are often left on their own (Devos 2011).Thereasonsforthisaremanifold.Somescholarsdonotalwaysbelievethat SMEs constitute a different unit of analysis for IS research. There is still much debategoingoninthatdomain.Researchhasrevealedthatthesuccessofbringing ix x Preface ITintoorganisationsispositivelyrelatedtoorganisationsize(Eindoretal.1978). Although it is very cumbersome to clearly define what constitutes IT success, it wasshownthatsuccess ofbringing,for instance, ERP intoorganisations supports thesizehypothesis(Ifinedo2007;Mabertetal.2003).Thereisalsotheproblemof definingwhatconstitutesanSME.InEuropeSMEsaredefinedascompanieswith lessthan250employees,butintheU.S.SMEsaredefinedascompanieswithupto 500 employees (Commission 2003). However in view of the current economic turbulence, it has never been more importanttofocusonthecollectionofscientificknowledgeonSMEsinrelationto IT/IS, since it is on the back of these organisations that innovation, growth and potential recovery will be realised. To stimulate the IS research in SMEs we decided to bring various works of scholars and practitioners together in a con- tributed volume. There are two dimensions inevery contributed chapter: an IT/IS phenomenon and an SME environment. Both dimensions are intertwined, but in their concerted action a unique subfield of IS research is created. Thisvolumeisdividedintosixpart,whichcovervariousaspectsofISresearch in SMEs. In all chapters the unit of analysis is the SME. The first part, ‘‘IT Governance’’, contains three chapters presenting various aspects of governance and management in SMEs. The first chapter, ‘‘Governance of IT in Small and Medium-Sized Enterprises’’ by Erik Guldentops addresses the enterprise gover- nance of IT as the responsibility of the top layer of an entity to ensure IT is effectiveandefficientandprovidesvaluetotheenterprisewhilekeepingriskstoan acceptablelevel.EnterprisegovernanceofITfocusesonITValueandITRiskand consistsofpractices,organisationalstructuresandrelationshipsbetweenexecutive and management. In SMEs however, these structures and relationships very often rest in one person, the owner/entrepreneur. The biggest value and risk challenge forSMEsistheacquisitionofautomatedsolutionsbecausetheyoftendonothave sufficient capabilities to deal with it, they do not occur often and represent a relatively large risk. To address this, a set of acquisition guidelines is proposed. Finally, four management practices that resulted from recent pragmatic research are proposed for SME leadership to consider. This exertion is of high relevance since it is based on a long and intense work onIT Governance within the COBIT framework. The COBIT framework helps managers deal with enterprise gover- nance of IT. The second chapter, ‘‘Business Process Management in Small Business: A Case Study’’, by Ian Dallas and Moe T. Wynn brings a case study of a BPM initiative to develop process infrastructure in an establishing small business. It explores whether mainstream BPM tools, techniques and technologies can be appliedinasmallbusinesssetting.Thechapterprovidesabackgroundtothecase organisation, outlines the activities undertaken in the BPM initiative and distils key observations drawn from participation in the initiative and consultation with stakeholders. Based on case study experiences, a number of implications are identified for further consideration by the BPM community as it continues to address the question of how it can become more widely adopted amongst SMEs. Preface xi In the third chapter, ‘‘Information Technology (IT) Security in Small and Medium Enterprises’’, Michael W. Kimwele addresses the issue of IT security in SMEs. SMEs should embrace IT security in order to realise the benefits of IT without compromising the IT security status. Much like any other business asset, information is an asset that needs to be strategically managed and protected. It is therefore imperative that SMEs understand the value of information contained within their business systems and have a framework for assessing and imple- menting IT security. To address challenges faced by SMEs, this research estab- lishesanInformationTechnology(IT)frameworkthatcanallowSMEsimplement cost effective security measures. The framework is likely to assist SME stake- holders measure the effectiveness of their security enhancing mechanisms. The second part, ‘‘Adoption and Use’’ consists of five chapters. In the fourth chapter, ‘‘Enterprise Architecture for Small and Medium-Sized Enterprises: A Starting Point for Bridging EA to SMEs, Based on Adoption Models’’, by MaximeBernaert,GeertPoels,MoniqueSnoeckandManuDeBackerinvestigate whyEnterpriseArchitecture(EA)isnotyetadoptedbySMEs,despitethebenefits EA can offer. This chapter offers a starting point for EA technique developers to really adapt EA techniques to an SME context. Research steps are given to start developing EA techniques, as well as a starting point for a metamodel based on only four concepts, because the characteristics of SMEs emphasise the need for simpleEAtechniques.Theseconceptsrefertofourdimensionsthatarepresentin a broad spectrum of EA techniques. The fifth chapter entitled, ‘‘Assessment of Information Technology Use in Small and Medium-Sized Enterprises: Empirical Investigation in Five Cases’’, by Emre Sezgin and Sevgi Özkan presents an exploratory study with the practice of a new model for assessment of IT use in SMEs, which is called ITMEM: Information Technology Management Enhancement Model. This model aims to enhance IT management and processes within five domains (Identification, Selection, Acquisition, Exploitation and Protection) which brings together the organisational useofITinacoherentwhole.Theresultspresentedthatpracticing assessment in companies is encouraging in terms of IT use by employees and increasingqualityofbusinessprocesses.Thereportedfindingswouldbeavaluable asset for researchers who are developing a model, and for practitioners who are developing managerial implications on IT management and IT use in SMEs. The sixth chapter, ‘‘ICT Policy to Foster Interorganisational ICT Adoption by SMEs: The Netherlands Goes Digital Case’’, by Marijn G. A. Plomp, Ronald S. BatenburgandPim den Hertog deals with apolicy programme thatagovernment set in place to improve SMEs on their adoption of ICT, particularly interorgani- sational ICT. Previous research provides unclear evidence on the effectiveness of theseprogrammes.Withthisstudytheauthorsaimtoprovidenewinsightintothe impact of such policy choices on ICT adoption. They assess a policy programme that ran in the Netherlands from 2002–2007. Participants are found to use sig- nificantly more interorganisational ICT and also more often find that ICT has enhanced their firm’s performance compared to the control group. However, pre- selection effects cannot be ruled out. Based on these results, the authors suggest