See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/354537000

Resilience in Information Systems Research - A Literature Review from a Socio-

Technical and Temporal Perspective

Conference Paper · December 2021

CITATIONS READS

0 68

3 authors:

Manuel Weber Janine Viol Hacker

University of Liechtenstein University of Liechtenstein
6 PUBLICATIONS   3 CITATIONS    29 PUBLICATIONS   193 CITATIONS   

SEE PROFILE SEE PROFILE

Jan vom Brocke

University of Liechtenstein
530 PUBLICATIONS   11,285 CITATIONS   

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

The Archaeology of Digital Artifacts in Practice View project

Coding Value View project

All content following this page was uploaded by Manuel Weber on 26 October 2021.

The user has requested enhancement of the downloaded file.

 Resilience in Information Systems Research - A
Literature Review from a Socio-Technical and Temporal
Perspective1
Short Paper

Manuel Weber Janine Hacker Jan vom Brocke

University of Liechtenstein University of Liechtenstein University of Liechtenstein
Vaduz, Liechtenstein Vaduz, Liechtenstein Vaduz, Liechtenstein
manuel.weber@uni.li janine.hacker@uni.li jan.vom.brocke@uni.li

Abstract
At the latest since the COVID-19 pandemic, the notion of ‘resilience’ has become omnipresent. As
Information Systems (IS) researchers, we are particularly interested in how IS can contribute to
coping with exogenous shocks like the pandemic and help organizations and societies to become
more resilient. However, a comprehensive overview of how resilience is studied in the IS discipline
and of potential shortcomings is currently missing. Addressing this gap, we perform a systematic
review of IS research on resilience within the context of organizations by considering different
elements from a socio-technical and temporal perspective. Based on this review, we are able to
identify major topics in IS research on resilience and their interrelationships. For each of the
elements of socio-technical systems, as well as the different phases, we discuss the current status
and provide directions for future research.

Keywords: Resilience, information systems research, socio-technical system, temporal

phases

Introduction
Events, such as the COVID-19 pandemic, reveal the vulnerabilities of information systems (IS) resulting from altered
interactions between humans, technology, their tasks, as well as the fragility of the underlying processes, decision-
making mechanisms, and applications (Fong Boh et al. 2020). The information systems (IS) community has initiated
a discourse on how IS can contribute to coping with the current pandemic (Ågerfalk et al. 2020). In this regard,
resilience has become an omnipresent concept in both research and practice. It refers to how societies,
organizations, and individuals cope with uncertainty and shield themselves from the consequences of exogenous
shocks (Bhamra et al. 2011). In the IS discipline, a growing number of studies dealing with different aspects of
resilience, such as its ontological meaning and desired outcome, can be observed. Yet, findings are scattered, and
up until now, there is no comprehensive overview of how the IS community has addressed resilience and which
aspects of resilience may potentially be under-researched. To achieve and maintain the resilience of organizations,
different dimensions of socio-technical systems, like information technology (IT) and processes, need to be
considered and coordinated (Heeks and Ospina 2019; Müller et al. 2013).

1
Author´s Version. Please cite as: Weber, M., Hacker, J., and vom Brocke, J. 2021. “Resilience in Information Systems
Research - A Literature Review from a Socio-Technical and Temporal Perspective,” in Proceedings of 42nd
International Conference on Information Systems 2021, Austin, Texas.

1
In this paper, we perform a systematic literature review to analyze the current state of IS research on resilience,
focusing on the organizational context. We do so by applying a socio-technical and a temporal perspective. By taking
a socio-technical perspective (Bostrom and Heinen 1977; Sarker et al. 2019), we aim to study different dimensions
of resilience and their interplay. Also, given that resilience enables organizations to recover after a crisis or an event
(Müller et al. 2013), we draw on disaster management phases to identify and explore activities related to resilience
over time (Lettieri et al. 2009; Sahebjamnia et al. 2015). With this research, we aim to provide a comprehensive
understanding of how resilience is studied by the IS community and identify gaps in the current body of literature to
guide future research. Our work should also guide practitioners in supporting their endeavors for achieving and
managing resilience.

Research Background
Resilience

Rooted in ecological, biological, and psychological studies, the concept of resilience is nowadays applied in many
other research disciplines – such as IS research (Bhamra et al. 2011). Across different contexts, the notion of
resilience is “[…] closely related with the capability and ability of an element to return to a stable state after a
disruption (Bhamra et al. 2011, p. 5376).” Resilience can be regarded as an integrative concept and analyzed from
various perspectives and levels, depending on the research context (Bhamra et al. 2011). A literature analysis
conducted by Bhamra et al. (2011) shows that, depending on the context, resilience can be regarded as a measure,
capacity, ability, or quality, for instance. In the context of IS, Heeks and Ospina (2019) characterize resilience as a
system property, however, highlight that the prior work has dealt with this notion in terms (i) input factors of IS,
such as humans, (ii) the IS itself, and (iii) outcome factors of IS.

Information Systems as Socio-Technical Systems

Within the IS discipline, the socio-technical perspective is a well-established concept, which does not only consider
technical artifacts such as the used technology or application, but also accounts for individuals and groups, using
technology in a social context. For our research, the investigation of the interaction between the social and technical
systems is central to study and understand resilience in IS research (Sarker et al. 2019). According to Bostrom and
Heinen (1977) socio-technical systems consist of four dimensions. First, people, such as employees, customers, as
well as their behavior and necessary skills. Second, the tasks and processes people are involved in. The third
dimension, structure, is associated with governance issues such as roles and responsibilities or hierarchy levels (e.g.,
Collins et al. 2020). The fourth dimension, technology, refers to the deployed information systems, such as traditional
enterprise resource planning systems (Ignatiadis and Nandhakumar 2007) or emerging technologies, e.g., artificial
intelligence or blockchain (Ting et al. 2020). Beyond the dimensions by Bostrom and Heinen (1977), data is suggested
as a fifth dimension by Wallace (2015). This dimension covers aspects such as confidentiality and data protection
(Ienca and Vayena 2020). In this study, we apply a socio-technical lens to integrate and analyze IS research on
resilience according to those five dimensions. In Table 1 below, we define and describe the different socio-technical
dimensions.

Disaster management phases

In IS research, the factor „time“ is used to study how people’s expectations and capacities (Fan et al. 2020), their
capabilities or organizational resources (Yoo and Roh 2018) vary over time. Resilience is often mentioned in
connection to dealing with unexpected or unpredicted events, such as crises (Müller et al. 2013). Hence, by
considering different phases, we are able to identify and investigate different actions and behaviors taken by actors
at different points in time (George and Jones 2000). Specifically, we make use of three phases, which are typically
used in disaster management (Lettieri et al. 2009; Sahebjamnia et al. 2015),: (i) mitigation and preparedness phase
– before a crisis, (ii) response – during a crisis, and (iii) recovery - after a crisis (Lettieri et al. 2009). Table 1 describes
and defines these phases in more detail.

2
 Perspectives Definitions Sources

Socio-Technical Perspective

People are human subjects, e.g., managers or employees in organizations.

People
They are characterized by certain behavior, skills, and values.

Tasks are described as any form of action, which transforms inputs into
Task / Process outputs. Tasks, such as making decisions or processing data, usually have
(Bostrom and
certain goals and deliverables.
Heinen 1977;
Lyytinen and
They describe the hierarchical relationships in individual projects, social
Newman
Structure groups, or entire organizations. As such, they are set up to provide order
2008)
and stability.

Technology refers to the application of knowledge through machines,

Technology digital methods, and processes, such as development tools or technical
platforms.

Data is defined as values and observations that are recorded, processed,

and analyzed using IS (in an organization). They can take different forms (Wallace
Data
and be presented and evaluated in different ways. Examples are letters, 2015)
numbers, or any other form of codified values.

Time Perspective

This phase marks the period of time before a crisis or an event occurs.
Preparedness
Efforts are taken to minimize the degree of risk and prevent negative
and Mitigation
impacts of an event, e.g., by preparing people (actors) for crises or events.
(Lettieri et al.
Response This phase is the period of time during a crisis or an event. Actions are 2009;
taken to manage, mitigate and control the impacts of a crisis or event. Sahebjamnia
et al. 2015)
Recovery This phase is the period of time after a crisis or an event has occurred.
Actions are taken to bring processes, situations, or any other disrupted unit
(object) back to a normal (or new) state.

Table 1. Socio-technical and time perspective

Literature Review Process

In this study, we aim to integrate findings from previous IS research on resilience (Kohn 2020) and contribute to its
conceptual development by performing a systematic literature review (vom Brocke et al. 2015). Table 2 exhibits the
search strategy pursued as the first step of our literature review. Within this short paper, we focus on major IS
journals but also include IS conferences to capture more recent findings regarding resilience. Our initial search
resulted in 104 publications.

3
 Search Term Search Options Outlets

BISE, CAIS, EJIS, ISJ, ISR, JAIS, JIT, JMIS, JSIS, MISQ, MISQe
resilien* abstract, title
AMCIS, ECIS, CAIS, HICSS, ICIS, PACIS

Table 2. Search strategy

Next, we scanned the found publications and excluded short papers, research-in-progress papers, and teaching cases
(notes). We also excluded articles that did not meaningfully deal with resilience, lacked a definition of resilience, or
did not refer to a specific type of IT. In a second step, we read the abstracts to identify articles covering the (inter-)
organizational context, leading to a final sample of 30 publications as of end of January 2021 (Table 3). To analyze
the articles from a socio-technical and three-stage temporal perspective, we created a coding file. The coding
dimensions were defined, discussed, and redefined in several rounds within the author team. The actual coding was
conducted primarily by one researcher and supported by a second researcher to guarantee a consistent review
process (Mazaheri et al. 2020).

Journals Conferences
CAIS EJIS JIT MISQ MISQe ACIS AMCIS ECIS HICSS ICIS PACIS
1 2 3 1 3 2 5 1 2 4 6

Table 3. Number of relevant articles per outlet

Findings
Socio-Technical Perspective

The reviewed articles show that researchers have studied employed technologies in different ways. While some have
examined specific functions of IT, others have taken a closer look at the interaction between IT and people in specific
contexts. Overall, our initial set of articles does not point to a dominant IT that contributes directly to resilience. In
general, the availability and stability of IT (Sarkar et al. 2013) have been a critical and essential factor for
organizations to survive and recover (Sakurai and Kokuryo 2014), especially in times of crisis (Baham et al. 2017).
While the majority of the organizations studied in the reviewed papers deployed IT to manage their business in
general (Sarkar et al. 2016), some specifically addressed the maintenance of IT-enabled business processes despite
technical, legal, or operational risks (Cho et al. 2007; Westerman 2009). IT can also be deployed for analytical and
risk management purposes. In this regard, Lee and Kulkarni (2011) as well as Yoo and Roh (2018) investigate the role
of IT in analyzing risk to increase transparency within organizations embedded in turbulent environments. Only one
publication investigated the role of IT to exchange data between departments (Ignatiadis and Nandhakumar 2007).
In the healthcare context, Park et al. (2008, 2015), for instance, investigated healthcare IS to recover after a natural
disaster. The use of Industry 4.0 applications was only mentioned once in the light of organizations facing extreme
events (Morisse and Prigge 2017). Two publications investigated enterprise social media, to foster internal
communication (Wang et al. 2016) and empower individuals (Kohn 2020) in the context of exogenous shocks. The
application of grid computing (Hinz et al. 2008), innovative storage systems (Soliman 2019), cloud services (Lacity
and Reynolds 2014), and a customer relationship management system (Guneratne 2018) were mentioned each
once. In summary, most articles examine and discuss the benefits and impacts of using IT at a rather general level.
Most reviewed publications addressed the dimension of people on a psychological level. While some take people’s
psychological conditions (Wang et al. 2016) or emotional stress level into account (Wang et al. 2019), others
considered employees and their proactive awareness (building) as well as experiences in regards to extreme events
(Kohn 2020; Morisse and Prigge 2017). Moreover, peoples’ perception of risks and information were addressed

4
(Ignatiadis and Nandhakumar 2007; Park et al. 2008, 2015). Regarding human failure and errors because of
inappropriate decision and actions (Abdullah et al. 2014), prior work highlights training (Kohn 2020) to prepare
people for negative events. Regarding individuals’ positions in an organization, most reviewed articles focus on IT
and business executives (Baham et al. 2017; Marotta and Pearlson 2019; Westerman 2009), managers and their
agency (Teoh and Seif Zadeh 2013), senior executives and their decisions (Sarkar et al. 2016, 2017, 2020; Wastell et
al. 2007). In a nutshell, we observe that IS research focuses mainly on people (e.g., employees), their perception of
information, risk and their ability to cope with stressful and exceptional situations, such as crises or major
disruptions.
As for task and processes, the majority of articles addressed decision making and planning (Baham et al. 2017; Sarkar
et al. 2013, 2016, 2017, 2020; Westerman 2009). Only few deal with the use of IT, such as business analytic
applications, to support these decisions (Yoo and Roh 2018). Instead, many focused on preparatory measures and
tasks in relation to disasters or near disasters (Junglas and Ives 2007). In this respect, some articles also dealt with
recovery practices and operations to regain essential systems and capabilities, and later on return to stable
operations (Baham et al. 2017; Sakurai and Kokuryo 2014). The types of investigated processes also vary: While
Ignatiadis and Nandhakumar (2007) dealt with control and coordination processes, others investigated cognitive and
psychological processes against the background of natural disasters (Kohn 2020; Park et al. 2015). Only one article
dealt with process failures and their negative impact on the organization (Abdullah et al. 2014). Another one
investigated the reengineering of key business processes in a large public organization and its impact on
organizational resilience (Wastell et al. 2007). In relation to the implementation and optimization of IT-related
processes, prior work investigated the adoption of cloud services (Lacity and Reynolds 2014), telehealth innovation
(Cho et al. 2007), the implementation and upgrade of enterprise systems (Teoh and Seif Zadeh 2013), and the use
of Industry 4.0 applications to optimize the production process and improve its efficiency and effectiveness (Morisse
and Prigge 2017). Also, collaboration and communication processes are decisive to remain or become resilient and
can be designed in various ways. For example, Wang et al. (2019) dealt with content creation and communication in
enterprise social media to overcome uncertainties in the external environment. In terms of communicating and
working together with stakeholders, Barn and Barn (2015) investigated how the co-design of a mobile application
between caseworkers and their clients influences the resilience of their relationship. Finally, only one article
addressed the application of risk management as a method and process to analyze and determine risk in the context
of hacker attacks (Lee and Kulkarni 2011). Summarized, the reviewed literature puts a strong focus around decision
making and preparing as well as planning for events and near-events – primarily considering events with a negative
impact on organizations and processes. Depending on the type and extent of a negative event, different coping
mechanisms are suggested. We also find that the intentions of organizations after an event vary. While some
organizations aim to return to the original state, others aim to withstand a crisis or want to continue their operations
in an adapted form.
The dimension structure was treated to a rather small extent compared to the task and technology dimension. For
instance, the responsibility of employees was described only very roughly (Marotta and Pearlson 2019). Only a few
publications addressed decision areas and archetypes of roles (Sarkar et al. 2016) or governance issues in relation
to IS (Morisse and Prigge 2017; Sarkar et al. 2016). For instance, Ignatiadis and Nandhakumar (2007) studied how
the allocation of authority levels within ERP systems can lead to employees having more flexibility to make decisions
about what data to use and tasks to perform. In doing so, they addressed the issue of balancing power and control.
Junglas and Ives (2007) show that short decision-making paths and a flat hierarchy can lead to better handling of
natural disasters. Regarding possible forms of organization, only Cho et al. (2007) discussed the challenges of a
decentralized organization structure in achieving resilience to overcome contradictions in the adoption process of
telehealth technologies and the resulting innovations.
We also found relatively few results with respect to data. Data, which are available in real time, play an essential
role in supporting rapid decision-making (Baham et al. 2017; Sarkar et al. 2020). Furthermore, data can help to
achieve transparency and reduce down-times of operations and processes (Morisse and Prigge 2017) as well as
support organizational risk management and process management (Cho et al. 2007; Lee and Kulkarni 2011). To this
end, data must be meaningful, of high quality, and reliable (Sakurai and Chughtai 2020). Junglas and Ives (2007)
investigated the importance of recovering data in the event of a hurricane, but addressed this issue from a rather

5
organizational and technical perspective. Also, Baham et al. (2017) dealt with a possible data loss and the negative
impact on the decision-making of IT executives.

Time Perspective

Regarding the "preparation and mitigation" phase (Lettieri et al. 2009), predominantly psychological as well as
cognitive processes are analyzed, such as the formation of an appropriate mindset (Kohn 2020), people’s perception
of information (Park et al. 2008), and the establishment of collective mindfulness (Simha and Kishore 2011). In this
regard, there is a focus on planning and decision making (Sarkar et al. 2013), such as the development of an
integrated scenario planning to support decision makers (Lee and Kulkarni 2011) or the preparation of a disaster
plan (Junglas and Ives 2007). Appropriate training mechanisms were mentioned as a way to prepare for natural
disasters (Sakurai and Chughtai 2020). In terms of risk management, Westermann (2009) suggests that the discussion
of possible operational risks should be part of people’s everyday work. Three articles mainly focus on the "response"
phase. Teoh and Seif Zadeh (2013) mention the survivability of organizations in times of crisis, and the importance
of actively managing resilience as continuous process and mechanism for maintaining and balancing relationships
within organizations. Sakurai and Kokuryo (2014) refer to the adaptive capacity of organizations, allowing them a
continuous and dynamic development in changing their behavior during crisis. Kohn (2020) reports on the
information security behavior and pro-active awareness of remote workforce, which supports organization’s well-
being during adverse events, e.g., through using suitable digital technologies to work from home. With regards to
the "recovery" phase (Lettieri et al. 2009), Sakurai and Kokuryo (2014) referred to identifying and prioritizing critical
post-disaster missions in addition to restoring essential IT infrastructures after a natural disaster. Junglas and Ives
(2007) suggest that companies should take care of people and their needs before starting to restore IS. Moreover,
they advise that companies should derive lessons learned from negative events. Overall, there is disagreement in
the reviewed papers about whether organizations should indeed aim to recover to the original situation which may
also have led to challenges and problems (Sakurai and Chughtai 2020; Sarkar et al. 2020).

Interaction of the Socio-Technical and Time Perspective

Preparedness and Response Recovery

Mitigation
Psychological Digitally resilient mindset 1) Information 1) Digitally resilient
Task/Process
processes and pro-active awareness security behavior of employees: recover
Technology --- of employees is a employees supports faster and emerge
powerful trait and an organization’s stronger from a
Remote prerequisite well-being crisis
People
workforce
2) Non-digitally
Data --- 2) Digital resilient employees
technologies give up earlier
Structure --- empower employees

Table 4. Interaction of the socio-technical and time dimension

In Table 4 above, we exemplify the interplay between the socio-technical and time perspective, using the article by
Kohn (2020). Kohn (2020) examines the "digital resilience" of employees working from home (people), and takes a
closer look at psychological processes. While not explicitly examining an IT, data or structure-related issues, she
focuses on the mindset and the pro-active awareness of employees (working from home). As for time, the latter two
are key in the "preparedness and mitigation" phase, as employees can deal with such situations ahead of time. In
the "response " phase, she focuses on information security behavior and the use of digital technologies, as this leads
to a better functioning organization during adverse events. The first phase influences all other phases in that digitally
resilient employees can recover faster and more successfully, whereas non-digitally resilient people have problems
dealing with such situations and give up earlier.

6
Discussion and Directions for Future Research
Based on our review of IS literature, a few dominant research topics could be identified in terms of the used
technology, the people dimension, and structure-related issues, such as roles and responsibilities of senior
executives or managers. This also holds true for the task and process-related issues, e.g., decision making.
Considering the gaps identified in our preliminary findings, we would like to raise and discuss a few additional points.
In general, the reviewed articles do not provide in-depth insight into IT, its characteristics and the impact on user
behavior when having to cope with unexpected internal or external events. The same applies to the role of IT for
enabling processes. Future studies could examine how organizations are using technology to target different types
of crises or events. Hardly any of the reviewed articles examines how people use new technologies in crisis situations
and what dimensions play a role in this. Although some IS scholars have addressed traits and capabilities of people,
based on this review, it is not clear how the use of IT in the context of crisis management can be made more efficient
- especially along the three phases. Regarding processes, most reviewed articles considered topics such as
communication or collaboration, however at a rather abstract level. Future research could investigate other internal
(and cross-organizational) processes, e.g., forecasting to create different scenarios in case of a crisis. The impact of
hierarchical or organizational structures on resilience are hardly addressed in IS research. Future studies could place
more focus on effective decision-making structures and other governance issues, such as roles and responsibilities
beyond the roles of executives and managers. Data was addressed to a limited extent. In general, more background
information on the role of data in relation to internal and external challenges (or events) would be desirable for
future research. In particular, future research could investigate how data and data analytics can inform decision-
making at different managerial levels, and hence can contribute to resilience. We argue that people (e.g., employees,
users) need sufficient and reliable data before, during, and after a crisis to be able to act and make decisions.
Concerning the time perspective, the “preparedness and mitigation” phase has already been well-addressed in IS
research. However, for the “response” and “recovery” phase, there is still a gap in how people can actively manage
crises using modern IT and how they and their organization can respond during and recover after a crisis. Hence, we
encourage IS scholars to include a holistic view on the interplay of social and technical elements and describe their
interrelationships over time more in-depth. This includes the elaboration on each dimension and its characteristics,
such as people and their behavior and tasks. Hence, future research should apply a more comprehensive approach
and point out their dynamics. We also see a need to delineate the concept of resilience more strongly from other
concepts such as agility. In this regard, resilience could also be explored in relation not only to negative but also to
positive events such as technological innovation for example (Cho et al. 2007). Also, we advocate to provide an
extended ontological explanation of how resilience in the IS context finally unfolds with regards to various types of
events: resist and withstand, recover to the original state in the sense of bouncing back, or recover to a new state in
the sense of adaptation.

Conclusion, Limitations, and Outlook

In this short paper, we have shown how IS research has studied socio-technical and temporal aspects of resilience
in the organizational context. Findings of our preliminary review contribute to integrating disparate strands of IS
research on resilience, point to gaps in the existing body of knowledge, and open up opportunities for future
research. Our short paper has several limitations which inform the next steps of this research project. From a
methodological point of view, we will exclude conference articles, but instead include more journal articles in order
to increase the review quality. We also plan to provide more details regarding the used IT to analyze IT’s contribution
to resilience and the interaction between people and IT. Referring to Webster and Watson (2002) we plan to
synthesize the results by further analyzing the interaction between the socio-technical and time perspective (Table
4). Scholars can utilize this model to position their research in this field and provide more clarity about their
investigated levels of research. IS designers and practitioners can use our findings to better coordinate and scope
social and technical dimensions, in the management of projects or design of organizations. These insights allow to
align them and therefore navigate through times of crisis more effectively and successfully – before, during and after
such events.

7
References
Abdullah, N. A. S., Noor, N. L. M., and Ibrahim, E. N. M. 2014. “Information Technology Service Management (ITSM):
Contributing Factors to IT Service Disruptions - A Case of Malaysia Public Service Agencies,” in PACIS 2014
Proceedings.
Ågerfalk, P. J., Conboy, K., and Myers, M. D. 2020. “Information Systems in the Age of Pandemics: COVID-19 and
Beyond,” European Journal of Information Systems (29:3), Taylor & Francis, pp. 203–207.
Baham, C., Calderon, A., and Hirschheim, R. 2017. “Applying a Layered Framework to Disaster Recovery,”
Communications of the Association for Information Systems (40:12), pp. 277–293.
Barn, B., and Barn, R. 2015. “Resilience and Values: Antecedents for Effective Co-Design of Information Systems,” in
ECIS 2015 Proceedings, Münster.
Bhamra, R., Dani, S., and Burnard, K. 2011. “Resilience: The Concept, a Literature Review and Future Directions,”
International Journal of Production Research (49), pp. 5375–5393.
Bostrom, R. P., and Heinen, J. S. 1977. “MIS Problems and Failures: A Socio-Technical Perspective. Part I: The Causes,”
MIS Quarterly (1:3), JSTOR, pp. 17–32.
vom Brocke, J., Simons, A., Riemer, K., Niehaves, B., Plattfaut, R., and Cleven, A. 2015. “Standing on the Shoulders of
Giants: Challenges and Recommendations of Literature Search in Information Systems Research,”
Communications of the Association for Information Systems (37 (Article 9)), pp. 205–224.
Cho, S., Mathiassen, L., and Robey, D. 2007. “Dialectics of Resilience: A Multi–Level Analysis of a Telehealth
Innovation,” Journal of Information Technology (22:1), SAGE Publications Sage UK: London, England, pp. 24–35.
Collins, A., Florin, M.-V., and Renn, O. 2020. “COVID-19 Risk Governance: Drivers, Responses and Lessons to Be
Learned,” Journal of Risk Research, pp. 1073–1082.
Fan, C., Farahmend, H., and Mostafavi, A. 2020. “Rethinking Infrastructure Resilience Assessment with Human
Sentiment Reactions on Social Media in Disasters,” in Proceedings of the 53rd Hawaii International Conference
on System Sciences, pp. 1665–1674.
Fong Boh, W., Padmanabhan, B., and Viswanathan, S. 2020. Call for Papers MISQ Special Issue on Digital Resilience.
George, J. M., and Jones, G. R. 2000. “The Role of Time in Theory and Theory Building,” Journal of Management
(26:4), Sage Publications Sage CA: Thousand Oaks, CA, pp. 657–684.
Guneratne, A. 2018. “Information System Resilience among Non-Profits: Peak Led Collaboration as Strategy for
Development,” in ACIS 2018 Proceedings, Sydney, pp. 1–8.
Heeks, R., and Ospina, A. V. 2019. “Conceptualising the Link between Information Systems and Resilience: A
Developing Country Field Study,” Information Systems Journal (29:1), pp. 70–96.
Hinz, O., Schwind, M., and Beck, R. 2008. “Grid Computing in Extreme Situations: Reducing Risk and Creating
Resilience for IT-Infrastructures,” in PACIS 2008 Proceedings.
Ienca, M., and Vayena, E. 2020. “On the Responsible Use of Digital Data to Tackle the COVID-19 Pandemic,” Nature
Medicine (26:4), Nature Publishing Group, pp. 463–464.
Ignatiadis, I., and Nandhakumar, J. 2007. “The Impact of Enterprise Systems on Organizational Resilience,” Journal
of Information Technology (22:1), SAGE Publications Sage UK: London, England, pp. 36–43.
Junglas, I., and Ives, B. 2007. “Recovering IT in a Disaster: Lessons from Hurricane Katrina.,” MIS Quarterly Executive
(6:1), pp. 39–51.
Kohn, V. 2020. “How the Coronavirus Pandemic Affects the Digital Resilience of Employees,” in ICIS 2020
Proceedings, India, pp. 1–17.
Lacity, M. C., and Reynolds, P. 2014. “Cloud Services Practices for Small and Medium-Sized Enterprises.,” MIS
Quarterly Executive (13:1).
Lee, G., and Kulkarni, U. R. 2011. “Business Intelligence in Corporate Risk Management,” in AMCIS 2011 Proceedings,
Detroit, pp. 1–11.
Lettieri, E., Masella, C., and Radaelli, G. 2009. “Disaster Management: Findings from a Systematic Review,” Disaster
Prevention and Management: An International Journal (18:2), pp. 117–136.
Lyytinen, K., and Newman, M. 2008. “Explaining Information Systems Change: A Punctuated Socio-Technical Change
Model,” European Journal of Information Systems (17:6), Springer, pp. 589–613.
Marotta, A., and Pearlson, K. 2019. “A Culture of Cybersecurity at Banca Popolare Di Sondrio,” in AMCIS 2019
Proceedings, Cancun, pp. 1–10.

8
 Mazaheri, E., Lagzian, M., and Hemmat, Z. 2020. “Research Directions in Information Systems Field, Current Status
and Future Trends,” Australasian Journal of Information Systems (24), Australian Computer Society, pp. 1–25.
Morisse, M., and Prigge, C. 2017. “Design of a Business Resilience Model for Industry 4.0 Manufacturers,” in AMCIS
2017 Proceedings, Boston, pp. 1–10.
Müller, G., Koslowski, T., and Accorsi, R. 2013. “Resilience - a New Research Field in Business Information Systems?,”
in Business Information Systems Workshops. BIS 2013. Lecture Notes in Business Information Processing (Vol.
160), W. Abramowicz (ed.), Berlin, Heidelberg: Springer, pp. 3–14.
Park, I., Sharman, R., and Rao, H. R. 2015. “Disaster Experience and Hospital Information Systems,” MIS Quarterly
(39:2), JSTOR, pp. 317–344.
Park, I., Sharman, R., Rao, H. R., and Upadhyaya, S. J. 2008. “Perceived Risk and Resilience in the Face of Natural
Disasters: A Study of Hospital,” AMCIS 2008 Proceedings, pp. 1–9.
Sahebjamnia, N., Torabi, S. A., and Mansouri, S. A. 2015. “Integrated Business Continuity and Disaster Recovery
Planning: Towards Organizational Resilience,” European Journal of Operational Research (242:1), pp. 261–273.
Sakurai, M., and Chughtai, H. 2020. “Resilience against Crises: COVID-19 and Lessons from Natural Disasters,”
European Journal of Information Systems, pp. 1–10.
Sakurai, M., and Kokuryo, J. 2014. “Design of a Resilient Information System for Disaster Response,” in Thirty Fifth
International Conference on Information Systems, Auckland, New Zealand.
Sarkar, A., Wingreen, S., and Ascroft, J. 2020. “Towards a Practice-Based View of Information Systems Resilience
Using the Lens of Critical Realism,” in Proceedings of the 53rd Hawaii International Conference on System
Sciences, pp. 6184–6193.
Sarkar, A., Wingreen, S. C., and Ascroft, J. 2016. “Top Management Team Decision Priorities to Drive IS Resilience:
Lessons from Jade Software Corporation,” in AMCIS 2016 Proceedings, San Diego, pp. 1–10.
Sarkar, A., Wingreen, S. C., and Cragg, P. 2017. “CEO Decision Making under Crisis: An Agency Theory Perspective,”
Pacific Asia Journal of the Association for Information Systems (9:2), pp. 1–22.
Sarkar, A., Wingreen, S., and Cragg, P. 2013. “Organisational IS Resilience: A Pilot Study Using Q-Methodology,” in
ACIS 2013 Proceedings, Melbourne.
Sarker, S., Chatterjee, S., Xiao, X., and Elbanna, A. 2019. “The Sociotechnical Axis of Cohesion for the IS Discipline: Its
Historical Legacy and Its Continued Relevance,” MIS Quarterly (43:3), pp. 695–720.
Simha, A., and Kishore, R. 2011. “Social Capital and IT as Predicates of Collective Mindfulness and Business Risk
Mitigation: A Grounded Theory Development,” in ICIS 2011 Proceedings, Shanghai, pp. 1–18.
Soliman, O. 2019. “Big Data SAVE: Secure Anonymous Vault Environment,” in Proceedings of the 52nd Hawaii
International Conference on System Sciences, pp. 7098–7107.
Teoh, S., and Seif Zadeh, H. 2013. “Strategic Resilience Management Model: Complex Enterprise Systems Upgrade
Implementation,” Proceedings - Pacific Asia Conference on Information Systems, PACIS 2013.
Ting, D. S. W., Carin, L., Dzau, V., and Wong, T. Y. 2020. “Digital Technology and COVID-19,” Nature Medicine (26:4),
Nature Publishing Group, pp. 459–461.
Wallace, P. 2015. Introduction to Information Systems, 2nd Ed., New York: Pearson.
Wang, C. H., Liu, G. H., Lee, N. C.-A., and Chen, K.-J. 2019. “Passive Leadership and Online Interaction: The Mediating
Effects of Job Autonomy and Employee Resilience.,” in PACIS 2019 Proceedings, China, pp. 1–15.
Wang, X., Cai, Z., Liu, H., and Zheng, X. 2016. “Leveraging Enterprise Social Media for Agility Performance of
Employees: The Mediating Role of Psychological Condition.,” in PACIS 2016 Proceedings, pp. 1–16.
Wastell, D. G., McMaster, T., and Kawalek, P. 2007. “The Rise of the Phoenix: Methodological Innovation as a
Discourse of Renewal,” Journal of Information Technology (22:1), SAGE Publications Sage UK: London, England,
pp. 59–68.
Webster, J., and Watson, R. T. 2002. “Analyzing the Past to Prepare for the Future: Writing a Literature Review,” MIS
Quarterly (26:2), pp. 8–13.
Westerman, G. 2009. “IT Risk as a Language for Alignment.,” MIS Quarterly Executive (8:3), pp. 109–121.
Yoo, D., and Roh, J. 2018. “Value Chain Creation in Business Analytics,” in Proceedings of the 51st Hawaii
International Conference on System Sciences, pp. 872–881.

View publication stats