546 Part IV • The Information Management System
The vendors of software for large numbers of users
have also improved their online self-help features for
their products and are paying more attention to the “user
experience” with their products in general. For example,
pop-up screens offer help based on keystroke patterns by
the user.
Control Policies and Procedures
A list of typical policies and procedures for business
users is provided in Figure 13.10. The most contentious
issues are policies and procedures related to what hard-
ware and software can be purchased and how. The devel-
opment and enforcement of user computing “standards”
is typically an IS department responsibility, but some
organizations have set up a committee that includes
business unit representatives to establish these types of
policies and an exception process for requests of nonstan-
dard hardware or software. The degree to which organi-
zational policies are guidelines versus mandates, and
the manner in which they are enforced, varies widely
across organizations and sometimes even across different
departments within the same organization (Speier and
Brown, 1997). However, the willingness of business unit
managers and individual users to comply with computing
standards has increased in recent years as the business
advantages associated with using common tools have
increased, and employee awareness of the need to avoid
potential business losses due to external threats such as
virus attacks has become widespread.
Keeping users up to date on the latest policies and
procedures has been a challenging management issue;
organizations have typically done a better job communicating
all of them to new workers via orientation programs than to
informing current employees of changes in policies and pro-
cedures. However, user computing policies and forms for
technology and password approvals are typically accessible
to all employees via a company’s intranet, and changes in
policies and procedural deadlines can also be broadcast to all
relevant employees via e-mail.
Organizational compliance with copyrights and
licensing agreements is also a responsibility of senior IS
managers. Many organizations invested in mechanisms to
monitor software licenses and to inventory user-developed
applications and other software on desktop machines as part
of their Year 2000 (Y2K) compliance initiatives, but not all
of these organizations have continued to monitor for compli-
ance. Although enforcing control policies for software
copyrights is certainly easier to accomplish in networked
environments in general, software vendors are reportedly
still losing significant revenues due to software copyright
violations. To put pressure on companies to proactively
monitor for copyright and software licensing violations,
software vendors in the United States have created entities
such as the Business Software Alliance (BSA) through
which civil suits for copyright infringement can be filed (see
also the Software Piracy discussion in Chapter 15).
Control policies and procedures need to be continu-
ally modified in response to new technologies, new ways
of working, new laws, and new external threats. Some of
the greatest increases in costs for desktop computing are
related to security issues: preventing viruses, worms, and
other hacker software to enter a company’s network.
Providing support for workers outside of the physical walls
of a business has also become increasingly important as
computer and communications devices have become more
portable. Chapter 14 discusses these security threats in
more detail.Supporting Telecommuters
Given the accelerated diffusion of mobile devices and wire-
less networks, as well as broadband connections from the
home that support fast data transfers of large data streams
and multimedia applications, the number of computer users
who are telecommuters is likely to continue to increase.Training for E-Mail Hoarders
E-mail hoarders keep hundreds of e-mails in their inbox and use it as a searchable archive. E-mail
deleters keep only a few messages in their e-mail inbox; after reading a message, they immediately
answer it, file it, or delete it (Tam, 2007). To avoid the high storage costs of e-mails left on corporate
servers, some companies are adopting stricter policies for what e-mails to store and for how long. The
policies vary since some companies and industries are subject to special legal requirements about what
e-mail documents must be retained. Periodic archiving may also be enforced based on e-mail dates and
storage space criteria. Training programs that provide suggestions for using alternative storage options
that minimize organizational costs along with tips for altering work habits can also be effective.