@article{bradford_taylor_seymore_2022, title={A View from the CISO: Insights from the Data Classification Process}, volume={36}, ISSN={["1558-7959"]}, DOI={10.2308/ISYS-2020-054}, abstractNote={Data security is a critical concern for organizations. In a rush to protect data, some IT managers overlook the important first step of data classification and instead focus on implementing the strictest controls on all data to reduce risk. To investigate organizational processes surrounding data classification, we conduct interviews with 27 CISOs in 23 organizations. We develop a model that identifies the common themes of data classification and their interrelationships. The most common driver for data classification is compliance with data privacy regulations and security standards. Collaboration and employee education are essential to the process. Increases in employee awareness of data security risk and improvements in data hygiene are outcomes. Challenges to data classification include the increase in IT landscape complexity, maintenance of an accurate data inventory, immaturity of automated tools, limited resources, and user compliance. Our model provides insights for practitioners and identifies areas of interest for researchers.}, number={1}, journal={JOURNAL OF INFORMATION SYSTEMS}, author={Bradford, Marianne and Taylor, Eileen Z. and Seymore, Megan}, year={2022}, pages={201–218} }
 @article{bradford_henderson_baxter_navarro_2020, title={Using generalized audit software to detect material misstatements, control deficiencies and fraud How financial and IT auditors perceive net audit benefits}, volume={35}, ISSN={["1758-7735"]}, DOI={10.1108/MAJ-05-2019-2277}, abstractNote={As technology integration in auditing continues to grow, it is important to understand how auditors perceive connections between use of generalized audit software (GAS) and audit benefits.,The DeLone and McLean information systems success model (2003) is adapted with audit-related uses of GAS as antecedents to information quality. Survey data on 188 current users of GAS, who are financial and IT auditors, is analyzed with partial least squares method.,For financial auditors, detecting material misstatements antecedent is the only significant indicator of information quality for GAS. For IT auditors, detecting control deficiencies and fraud significantly impacts information quality. Information quality influences use for both auditors; however, it only influences satisfaction with GAS for financial auditors. System quality impacts GAS satisfaction for only IT auditors and has no impact on GAS use for either type of auditor. Service quality influences use of GAS for financial, but not IT auditors. For both groups, service quality has no impact on satisfaction with GAS, and GAS use and satisfaction with GAS positively increases their perceptions of audit benefits.,Financial and IT auditors who use GAS are both focused on matching GAS use with their primary audit objectives. Results suggest that as GAS use increases, system quality may be important to satisfaction. Training should first focus on the usefulness of GAS to the audit to increase extent of use. Lastly, the more auditors use GAS and are satisfied with it, the greater their perception GAS contributing directly to benefit the audit.}, number={4}, journal={MANAGERIAL AUDITING JOURNAL}, author={Bradford, Marianne and Henderson, Dave and Baxter, Ryan J. and Navarro, Patricia}, year={2020}, month={Jan}, pages={521–547} }
 @article{bradford_earp_showalter_williams_2017, title={Corporate Sustainability Reporting and Stakeholder Concerns: Is There a Disconnect?}, volume={31}, ISSN={["1558-7975"]}, DOI={10.2308/acch-51639}, abstractNote={SYNOPSIS: The number of companies reporting their corporate sustainability (CS) activities has significantly increased over the last decade. The result being a wide variability in the types of activities being reported and the ways the information is presented. An unanswered question is whether the information being reported by companies following the Global Reporting Initiative (GRI) CS framework is of interest to arguably one of the primary stakeholder groups, customers. Our study seeks to fill this knowledge gap by comparing the content of CS reports to results from a large-scale consumer stakeholder survey. By performing factor analysis on stakeholder evaluation of the importance of CS activities, we find that consumers see different dimensions than those put forth by the GRI framework, thereby suggesting a disconnect between corporate sustainability reporting and stakeholder views and interests. Our results indicate that risk and compliance are dimensions of interest to customers, while the GRI econo...}, number={1}, journal={ACCOUNTING HORIZONS}, author={Bradford, Marianne and Earp, Julia B. and Showalter, D. Scott and Williams, Paul F.}, year={2017}, month={Mar}, pages={83–102} }
 @article{henderson_bradford_kotb_2016, title={Inhibitors and Enablers of GAS Usage: Testing the Dual Factor Theory}, volume={30}, ISSN={["1558-7959"]}, DOI={10.2308/isys-51388}, abstractNote={ABSTRACT: Prior research has extensively studied information technology (IT) usage by applying well-established theories. While this research stream has yielded rich insights into the enablers of IT usage, less attention has been paid to inhibitors of IT usage. The purpose of this study is to investigate the enablers and inhibitors of generalized audit software (GAS) usage. Our research model, based on the dual factor theory, postulates that inhibitors such as system problems and perceived threat, in addition to enablers such as perceived usefulness and perceived ease of use, affect GAS usage. Based on a sample of 285 internal and external auditors, our results suggest that, after controlling for mandatory GAS usage, perceived threat negatively influences usage and perceived usefulness, whereas the system problems construct negatively influences perceived usefulness and perceived ease of use. Furthermore, our findings indicate that the effect of system problems is fully mediated by perceived usefulness an...}, number={3}, journal={JOURNAL OF INFORMATION SYSTEMS}, author={Henderson, David L., III and Bradford, Marianne and Kotb, Amr}, year={2016}, pages={135–155} }
 @book{bradford_2015, title={Modern ERP: Select, implement & use today's advanced business systems}, ISBN={9781312665989}, publisher={Raleigh, North Carolina: North Carolina State University, College of Management,}, author={Bradford, M.}, year={2015} }
 @article{bradford_earp_grabski_2014, title={Centralized end-to-end identity and access management and ERP systems: A multi-case analysis using the Technology Organization Environment framework}, volume={15}, ISSN={["1873-4723"]}, DOI={10.1016/j.accinf.2014.01.003}, abstractNote={System security is a top issue facing global organizations. This study investigates the constraints and benefits of a successful centralized end-to-end identity and access management (CIAM) implementation and the moderating role that ERP systems have in the implementation. We apply the Technology Organization Environment (TOE) framework to a case study approach. We find that organizational and technological factors result in lapses in IT governance and act as barriers to CIAM. Environmental factors also hinder CIAM implementation. Additionally, ERP systems facilitate the development of a CIAM due to integration and standardization of identities and automated provisioning. When the ERP system supports CIAM, the organization and its employees experience significant benefits including single sign-on capabilities, increased security and privacy, efficiencies in user provisioning and password management, and audit process improvement. Our results will be of value to any organization implementing CIAM and ERP. Researchers can also use our findings to further study IAM, ERP or extensions to the TOE framework.}, number={2}, journal={INTERNATIONAL JOURNAL OF ACCOUNTING INFORMATION SYSTEMS}, author={Bradford, Marianne and Earp, Julia B. and Grabski, Severin}, year={2014}, month={Jun}, pages={149–165} }
 @article{beasley_bradford_dehning_2009, title={The value impact of strategic intent on firms engaged in information systems outsourcing}, volume={10}, ISSN={1467-0895}, url={http://dx.doi.org/10.1016/j.accinf.2008.08.001}, DOI={10.1016/j.accinf.2008.08.001}, abstractNote={While information systems outsourcing has been on the rise in recent years, empirical evidence about whether IS outsourcing is value creating for shareholders is limited. Little is known about what factors influence the relation between information systems outsourcing and firm value. This study examines the effect of information systems outsourcing announcements on firm value by analyzing whether equity market reactions are associated with the management's strategic intent for outsourcing and firm characteristics of the outsourcing firm. After examining 103 IS outsourcing announcements made during the period from 1996 to 2003, results suggest that value is created for firms outsourcing with short-term operational intent rather than for longer term strategic reasons. In addition, the increase in firm value from an IS outsourcing announcement is positively associated with the firm's operating asset efficiency and the firm being in a service industry.}, number={2}, journal={International Journal of Accounting Information Systems}, publisher={Elsevier BV}, author={Beasley, Mark and Bradford, Marianne and Dehning, Bruce}, year={2009}, month={Jun}, pages={79–96} }
 @article{florin_bradford_pagach_2005, title={Information technology outsourcing and organizational restructuring: An explanation of their effects on firm value}, volume={16}, ISSN={1047-8310}, url={http://dx.doi.org/10.1016/j.hitech.2005.10.007}, DOI={10.1016/j.hitech.2005.10.007}, abstractNote={This paper draws from behavioral finance theory to provide an alternative explanation to the efficient market hypothesis that investor under- and overreactions occur by chance. Hypotheses propose relationships between information technology/systems outsourcing (hereafter IT/IS) decisions on short- and long-term abnormal returns, while exploring the potentially confounding effect of organizational restructuring events that frequently follow such decisions. Using event studies techniques, it is found that although IT/IS outsourcing announcements are positively related to short-term abnormal returns, restructuring charges after the announcement moderate the relationship between the short-term effect of such announcements and long-term abnormal returns, so that long-term returns become negative when followed by organizational restructuring efforts resulting from IT/IS outsourcing.}, number={2}, journal={The Journal of High Technology Management Research}, publisher={Elsevier BV}, author={Florin, Juan and Bradford, Marianne and Pagach, Don}, year={2005}, month={Dec}, pages={241–253} }