Computing and Information Systems - Theses

Permanent URI for this collection

http://hdl.handle.net/11343/351

Filters

2002 3
Reset filters

Settings
Statistics
Citations
Type: PhD thesis × Start date: 2002 × End date: 2002 ×

Search Results

Now showing 1 - 3 of 3
  • Item
    Thumbnail Image
    The institutional and technical antecedents of organisational design: a case study in the Victorian metropolitan hospital system
    GRAFTON, JENNIFER ( 2002)
    This dissertation examines organisational structures and management control systems in the health care sector. The influence of two antecedent variables, the institutional environment and the technical environment, on organisational design choice is examined through the use of institutional theory and transaction cost economics. These theories are used to interpret the structural and management control system responses of hospitals under pressure to form inter-organisational networks. The implications of these design responses for organisational outcomes are examined in order to assess the relative importance of efficiency and/or effectiveness versus legitimacy as the principle logic of organisational action. A case-based investigation into three large public hospital networks in Victoria Australia is undertaken. Semi-structured interviews are the primary source of empirical evidence used to address the research questions of interest. Systematic data collection and analysis protocols are employed to ensure the reliability and validity of the qualitative research method employed. The results of this study indicate that both the technical and institutional environments in which an organisation operates jointly influence organisational design. Hospital networks are found to exhibit a range of structures, which are described according to the extent of horizontal integration observed. Both the type and use of control systems employed in these networks differs according to the extent of integration. Significant integration of core services across constituent hospitals of a network is found to be associated with an increase in the prevalence of integrative liaison devices. Such networks also realign other management control systems, such as the performance measurement system and standard operating procedures, to reflect the network-wide nature of activities. It is found that where a 'fit' is achieved between the antecedent environment variables and organisational design, organisational outcomes are enhanced.
  • Item
    Thumbnail Image
    Defining the operational limits of sequence-based anomaly detectors
    Tan, Kymie Mei Chen ( 2002)
    A desirable, if not essential, component in the intrusion detection arsenal is the anomaly detector. Anomaly detection may be the only technique with the potential to address two serious security problems: the masquerader and novel attacks. Although the advantages of applying anomaly detection to intrusion detection have been well documented, less well researched are evaluation methods that can be used to determine the operational effectiveness of an anomaly detector. The problems that have plagued the application of anomaly detection to intrusion detection have made the use of anomaly detectors as intrusion detectors almost entirely impractical in real-world, working environments. Examples of such problems are high false alarm rates and the inability to clearly articulate exactly what constitutes detection coverage for an anomaly detector. To have confidence in the detection results requires precise knowledge of the detector's characteristics. These characteristics include identifying the conditions under which the detector fails, as well as those under which it works well. This thesis addresses the issue of evaluating anomaly detectors commonly used in detecting intrusions into computer systems. A comprehensive framework for anomalies, and a fault-injection methodology for introducing those anomalies into categorical data, has been developed. Using these, the operating space for different anomaly detectors is mapped, facilitating identification of the conditions that would cause an anomaly detector to exhibit detection strength, blindness or weakness. It is demonstrated that the ability to detect simple and unequivocally anomalous events, ones that should be detectable under any circumstance, differs significantly amongst anomaly detectors. The results of this thesis refute the hypothesis that all anomaly detectors are equally capable of detecting anomalies that arise as manifestations of attacks or intrusions.
  • Item
    Thumbnail Image
    Information technology outsourcing revisited: success factors and risks
    Rouse, Anne C. ( 2002)
    This thesis investigates success factors, risks and trade offs in Information Technology (IT) outsourcing arrangements, and also examines the impact of certain recommended practices on outsourcing success. Four research components contribute to the investigation: 1) a critical review of ten years' literature on IT outsourcing, paying particular attention to the evidence for success rates and the impact of practices on IT outsourcing success; 2) statistical analysis of a survey of government and non-government organisations (n = 240) taken from the largest 1000 organisations in Australia; 3) a detailed case study into the Australian Federal Government's "Whole of Government IT Infrastructure Outsourcing Initiative" and 4) qualitative analysis of 16 focus groups involving vendor and purchaser informants. Using confirmatory factor analysis on the survey data, the study validated seven dimensions of IT outsourcing success proposed in the literature. Only two of these factors had been rated positively by most survey respondents, and only a minority of respondents had rated the other five success dimensions positively. Further statistical investigations looked at the relationship between various recommended practices in IT outsourcing and certain success measures, and at relationships between success measures. Particular attention was paid to the notion of selective outsourcing, a notion that has received much attention in the literature and that is explored further in the case study of the Federal Government initiative. The focus group analysis enabled the teasing out of other factors, not easily identified in the other research. Drawing on all four research components, the thesis proposes that "information impactedness" associated with post-Internet technologies and skills shortages, and unacknowledged inherent trade-offs, contribute to generally poor risks and returns for IT outsourcing. The thesis concludes with recommendations for decision-makers.