Enterprise Identity Management – Towards a Decision Support Framework Based on the Balanced Scorecard Approach

Enterprise Identity Management Systems (EIdMS) are an IT-based infrastructure that needs to be integrated into various business processes and related infrastructures. Assessment and preparation of decisions for the introduction need to take the costs, benefits, and the organizational settings into consideration. A variety of methods for the evaluation and decision support of new IT (e. g. EIdMS) are discussed in the literature – however, these are typically based on single dimensions (e. g. financial or technology aspects). This paper proposes a multidimensional decision support framework, based on the Balanced Scorecard concept. The presented approach introduces four perspectives and a related set of initial decision parameters to support decision making. The perspectives are (a) financial/monetary, (b) business processes, (c) supporting processes and (ICT) infrastructure and (d) information security, risks and compliance. Perspectives and adaptable sets of decision parameters also may serve as foundation for software-based decision support instruments.

[1]  Didier P. Hostettler,et al.  The Balanced Scorecard: a Necessary Good or an Unnecessary Evil , 1999 .

[2]  R. Dorf,et al.  The Balanced Scorecard: Translating Strategy Into Action , 1997, Proceedings of the IEEE.

[3]  R. Kaplan,et al.  Linking the Balanced Scorecard to Strategy , 1996 .

[4]  Erik Brynjolfsson,et al.  The productivity paradox of information technology , 1993, CACM.

[5]  Martin Bichler,et al.  Design science in information systems research , 2006, Wirtschaftsinf..

[6]  Lorin M. Hitt,et al.  Productivity, Business Profitability, and Consumer Surplus: Three Different Measures of Information Technology Value , 1996, MIS Q..

[7]  Huseyin Cavusoglu,et al.  Model for Evaluating , 2022 .

[8]  E. Ziegel,et al.  The Balanced Scorecard , 1998 .

[9]  Denis Royer,et al.  Assessing the Value of Enterprise Identity Management (EIdM) – Towards a Generic Evaluation Approach , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[10]  Young U. Ryu,et al.  Network externalities, layered protection and IT security risk management , 2007, Decis. Support Syst..

[11]  Harri Oinas-Kukkonen,et al.  A review of information security issues and respective research contributions , 2007, DATB.

[12]  Phillip J. Windley Digital identity , 2005 .

[13]  Thorsten Spitta,et al.  Approaches to the Ex-ante Evaluation of Investments into Information Systems , 2004, Wirtschaftsinf..

[14]  Denis Royer,et al.  Planung und Bewertung von Enterprise Identity Managementsystemen , 2008, Datenschutz und Datensicherheit - DuD.

[15]  Denis Royer,et al.  Der Lebenszyklus von Identitäten , 2008, Datenschutz und Datensicherheit - DuD.

[16]  Wes Sonnenreich,et al.  Return On Security Investment (ROSI) - A Practical Quantitative Modell , 2005, J. Res. Pract. Inf. Technol..

[17]  Maris G. Martinsons,et al.  Rethinking the value of IT, again , 2002, CACM.

[18]  Christer Magnusson,et al.  Value creation and Return On Security Investments (ROSI) , 2007, SEC.

[19]  Paul Müller,et al.  Balanced IT-Decision-Card Ein Instrument für das Investitionscontrolling von IT-Projekten , 2004, Wirtschaftsinf..

[20]  Shamkant B. Navathe,et al.  A Management Perspective on Risk of Security Threats to Information Systems , 2005, Inf. Technol. Manag..

[21]  Brian L. Dos Santos,et al.  Improving the return on IT investment: the productivity paradox , 2000, Int. J. Inf. Manag..

[22]  Denis Royer Ganzheitliche Bewertung von Enterprise Identity Management Systemen - Der Ansatz der Balanced Scorecard als taktisches Entscheidungsunterstützungsinstrument , 2008, Sicherheit.

[23]  Matthias Schumann,et al.  Wirtschaftlichkeitsbeurteilung für IV-Systeme , 1993, Wirtschaftsinf..

[24]  Albert L. Lederer,et al.  How IT organizations handle rapid IT change: five coping mechanisms , 2001, Inf. Technol. Manag..

[25]  Ralph H. Sprague,et al.  Invited Article: A Framework for the Development of Decisoin Support Systems , 1980, MIS Q..

[26]  Salvatore T. March,et al.  Design and natural science research on information technology , 1995, Decis. Support Syst..

[27]  Steve Purser Improving the ROI of the security management process , 2004, Comput. Secur..

[28]  Robert M. Davison,et al.  The balanced scorecard: a foundation for the strategic management of information systems , 1999, Decis. Support Syst..

[29]  Marit Hansen,et al.  Digitale Identitäten — Überblick und aktuelle Trends , 2006, Datenschutz und Datensicherheit - DuD.

[30]  Andreas Steffen,et al.  IT-Controlling mit der Balanced Scorecard , 2001 .

[31]  Lawrence A. Gordon,et al.  The economics of information security investment , 2002, TSEC.

[32]  Kai Rannenberg,et al.  Mobilität, mobile Technologie und Identität , 2006, Datenschutz und Datensicherheit - DuD.

[33]  Daniel J. Power,et al.  Specifying An Expanded Framework for Classifying and DescribingDecision Support Systems , 2004, Commun. Assoc. Inf. Syst..

[34]  Ralph H. Sprague,et al.  A Framework for the Development of Decision Support Systems , 1993 .

[35]  Mike Bourne,et al.  Translating strategy into action , 1998 .