Open Access

IT risks — risks associated with the operation or use of information technology — have taken on great importance in business, and IT risk management is accordingly important in the science and practice of information management. Therefore, it is necessary to systematize IT risks in order to plan, manage and control for different risk-specific measures. In order to choose and implement suitable measures for managing IT risks, effect-based and causebased procedures are necessary. These procedures are explained in detail for IT security risks because of their special importance.

Preisdifferenzierung ist ein altbekanntes Thema und spielt eine wichtige Rolle bei der Preissetzung im Online-Handel. Das Ziel dieses Beitrages ist eine kurze Darstellung der relevanten Literatur zum Thema „Preisdifferenzierung im stationären und Online-Lebensmitteleinzelhandel".

This paper presents the results of 11 in-depth interviews with digital agricultural startups. The results reveal seven main assumptions startups make about the situation on the agricultural market, their target group, their growth and the challenges they face.

Der zunehmende Anteil erneuerbarer Energien an der Stromproduktion Deutschlands erfordert einen ebenso steigenden Anteil der erneuerbaren Energien an der Bereitstellung von Regelenergie zur Stabilisierung der Stromnetze. Durch die Möglichkeit der zeitlichen Entkopplung von Gas- und Stromproduktion ist insbesondere die Biogastechnologie für die Bereitstellung von Regelenergie geeignet. Der vorliegende Beitrag skizziert ein Steuerungssystem für virtuelle Biogas-Verbundkraftwerke, dessen Oberziel die Stabilisierung des Stromnetzes ist. Die Entwicklung des Systems erfolgt im Zuge des Forschungsprojekts VKV Netz und wird durch das Bundesministerium für Wirtschaft und Energie gefördert.

Delphi is a frequently used research method in the information systems (IS) field. The last fifteen years have seen many variants of the Delphi Method proposed and used in IS research. However, these variants do not seem to be properly derived; while all variants share certain characteristics, their reasoning for differentiation inconsistently varies. It seems that researchers tend to create “new” Delphi Method variants, although the underlying modification of the Delphi Method is, in fact, minor. This leads to a heterogeneity of Delphi Method variants and undermines scientific rigor when using Delphi. The study addresses this deficit and (1) identifies different variants of Delphi and determines their characteristics, (2) critically reflects to what extent a clear distinction between these variants exists, (3) shows the clearly distinguishable Delphi Method variants and their characteristics, (4) develops a proposed taxonomy of Delphi Method variants, and (5) evaluates and applies this taxonomy. The proposed taxonomy helps clearly differentiate Delphi Method variants and enhances methodological rigor when using the Delphi Method.

In service-oriented architectures the management of services is a crucial task during all stages of IT operations. Based on a case study performed for a group of finance companies the different aspects of service management are presented. First, the paper discusses how services must be described for management purposes. In particular, a special emphasis is placed on the integration of legacy/non web services. Secondly, the service lifecycle that underlies service management is presented. Especially, the relation to SOA governance and an appropriate tool support by registry repositories is outlined.

The objective of this student project was for the students to develop, conduct, and supervise a training course for basic work place applications (word processing and business graphics). Students were responsible for the planning, organizing and the teaching of the course. As participants, underprivileged adolescents took part in order to learn the handling of IT applications and therefore, improve their job skills and have a better chance to get into employment. Therefore the adolescents do the role of trainees at the course. Our students worked with a population that is continually overlooked by the field. As a result, the students trained to design and implement training courses, exercised to manage projects and increased their social responsibility and awareness concerning the way of life and living conditions of other young people. The underprivileged adolescents learned to use important business applications and increased their job skills and job chances. The overall design of our concept required extensive resources to supervise and to steer the students and the adolescents. The lecturers had to teach and to counsel the students and had to be on “stand-by” just in case they were needed to solve critical situations between the two groups of young people.

With the increasing significance of information technology, there is an urgent need for adequate measures of information security. Systematic information security management is one of most important initiatives for IT management. At least since reports about privacy and security breaches, fraudulent accounting practices, and attacks on IT systems appeared in public, organizations have recognized their responsibilities to safeguard physical and information assets. Security standards can be used as guideline or framework to develop and maintain an adequate information security management system (ISMS). The standards ISO/IEC 27000, 27001 and 27002 are international standards that are receiving growing recognition and adoption. They are referred to as “common language of organizations around the world” for information security. With ISO/IEC 27001 companies can have their ISMS certified by a third-party organization and thus show their customers evidence of their security measures.

This paper deals with the combination of OSGi and cloud computing. Both technologies are mainly placed in the field of distributed computing. Therefore, it is discussed how different approaches from different institutions work. In addition, the approaches are compared to each other.

In this paper, five ontologies are described, which include the event concepts. The paper provides an overview and comparison of existing event models. The main criteria for comparison are that there should be possibilities to model events with stretch in the time and location and participation of objects; however, there are other factors that should be taken into account as well. The paper also shows an example of using ontologies in complex event processing.

Heterogeneity has to be taken into account when integrating a set of existing information sources into a distributed information system that are nowadays often based on Service- Oriented Architectures (SOA). This is also particularly applicable to distributed services such as event monitoring, which are useful in the context of Event Driven Architectures (EDA) and Complex Event Processing (CEP). Web services deal with this heterogeneity at a technical level, also providing little support for event processing. Our central thesis is that such a fully generic solution cannot provide complete support for event monitoring; instead, source specific semantics such as certain event types or support for certain event monitoring techniques have to be taken into account. Our core result is the design of a configurable event monitoring (Web) service that allows us to trade genericity for the exploitation of source specific characteristics. It thus delivers results for the areas of SOA, Web services, CEP and EDA.

Using modern devices like smartphones and tablets offers a wide variety of advantages; this has made them very popular as consumer devices in private life. Using them in the workplace is also popular. However, who wants to carry around and handle two devices; one for personal use, and one for work-related tasks? That is why “dual use”, using one single device for private and business applications, may represent a proper solution. The result is “Bring Your Own Device,” or BYOD, which describes the circumstance in which users make their own personal devices available for company use. For companies, this brings some opportunities and risks. We describe and discuss organizational issues, technical approaches, and solutions.

BACKGROUND: Despite their increasing popularity, little is known about how users perceive mobile devices such as smartphones and tablet PCs in medical contexts. Available studies are often restricted to evaluating the success of specific interventions and do not adequately cover the users' basic attitudes, for example, their expectations or concerns toward using mobile devices in medical settings. OBJECTIVE: The objective of the study was to obtain a comprehensive picture, both from the perspective of the patients, as well as the doctors, regarding the use and acceptance of mobile devices within medical contexts in general well as the perceived challenges when introducing the technology. METHODS: Doctors working at Hannover Medical School (206/1151, response 17.90%), as well as patients being admitted to this facility (213/279, utilization 76.3%) were surveyed about their acceptance and use of mobile devices in medical settings. Regarding demographics, both samples were representative of the respective study population. GNU R (version 3.1.1) was used for statistical testing. Fisher's exact test, two-sided, alpha=.05 with Monte Carlo approximation, 2000 replicates, was applied to determine dependencies between two variables. RESULTS: The majority of participants already own mobile devices (doctors, 168/206, 81.6%; patients, 110/213, 51.6%). For doctors, use in a professional context does not depend on age (P=.66), professional experience (P=.80), or function (P=.34); gender was a factor (P=.009), and use was more common among male (61/135, 45.2%) than female doctors (17/67, 25%). A correlation between use of mobile devices and age (P=.001) as well as education (P=.002) was seen for patients. Minor differences regarding how mobile devices are perceived in sensitive medical contexts mostly relate to data security, patients are more critical of the devices being used for storing and processing patient data; every fifth patient opposed this, but nevertheless, 4.8% of doctors (10/206) use their devices for this purpose. Both groups voiced only minor concerns about the credibility of the provided content or the technical reliability of the devices. While 8.3% of the doctors (17/206) avoided use during patient contact because they thought patients might be unfamiliar with the devices, (25/213) 11.7% of patients expressed concerns about the technology being too complicated to be used in a health context. CONCLUSIONS: Differences in how patients and doctors perceive the use of mobile devices can be attributed to age and level of education; these factors are often mentioned as contributors of the problems with (mobile) technologies. To fully realize the potential of mobile technologies in a health care context, the needs of both the elderly as well as those who are educationally disadvantaged need to be carefully addressed in all strategies relating to mobile technology in a health context.

Metagenomic studies use high-throughput sequence data to investigate microbial communities in situ. However, considerable challenges remain in the analysis of these data, particularly with regard to speed and reliable analysis of microbial species as opposed to higher level taxa such as phyla. We here present Genometa, a computationally undemanding graphical user interface program that enables identification of bacterial species and gene content from datasets generated by inexpensive high-throughput short read sequencing technologies. Our approach was first verified on two simulated metagenomic short read datasets, detecting 100% and 94% of the bacterial species included with few false positives or false negatives. Subsequent comparative benchmarking analysis against three popular metagenomic algorithms on an Illumina human gut dataset revealed Genometa to attribute the most reads to bacteria at species level (i.e. including all strains of that species) and demonstrate similar or better accuracy than the other programs. Lastly, speed was demonstrated to be many times that of BLAST due to the use of modern short read aligners. Our method is highly accurate if bacteria in the sample are represented by genomes in the reference sequence but cannot find species absent from the reference. This method is one of the most user-friendly and resource efficient approaches and is thus feasible for rapidly analysing millions of short reads on a personal computer.

Sowohl die liquiditäts- als auch die erfolgsorientierte Betrachtungsweise von Zahlungsströmen soll mit dem Begriff der optimalen Liquidität zum Ausdruck kommen. Der Liquiditätsplan stellt ein geeignetes Instrument dar, um fundierte Entscheidungen zu ermöglichen. Neben Ausführungen zu den allgemeinen Grundlagen bietet die Abhandlung von Dr. K. Kairies praxisorientierte Überlegungen für die Einführung und Pflege eines Liquiditätsplanes im Unternehmen.

Report of a research project of the Fachhochschule Hannover, University of Applied Sciences and Arts, Department of Information Technologies. Automatic face recognition increases the security standards at public places and border checkpoints. The picture inside the identification documents could widely differ from the face, that is scanned under random lighting conditions and for unknown poses. The paper describes an optimal combination of three key algorithms of object recognition, that are able to perform in real time. The camera scan is processed by a recurrent neural network, by a Eigenfaces (PCA) method and by a least squares matching algorithm. Several examples demonstrate the achieved robustness and high recognition rate.

Nach einer kurzen Einführung in die Themen Angst und Stress wird der Zusammenhang zwischen Stress und Leistung dargestellt. Abschließend werden Lösungsmöglichkeiten für Personen mit Prüfungsangst vorgestellt.