Posts

Posts

  • Richard E Lillie
    Emerging Technologies in Distance Education -- Outstanding...106
    blog entry posted September 7, 2010 by Richard E Lillie, tagged research in Teaching with Technology > TwT public
    title:
    Emerging Technologies in Distance Education -- Outstanding Resource
    intro text:

    In July, 2010 AU Press (Athabasca University, Canada) published a book that I think you will find is an excellent resource for ideas about using technology in teaching and learning.  The book entitled Emerging Technologies in Distance Education is edited by George Veletsianos.

    AU Press makes the book available for free in Adobe Acrobat (.pdf) format.  You may download the entire publication or selected chapters.

    This book is worth exploring.  It may not turn you into a "pro from Dover" (to draw on the line from the movie Mash).  However, it should help you better understand how to use technology when you design course materials and share them with your students.

    Enjoy.

    Rick Lillie (Cal State, San Bernardino)

    Emerging Technologies in Distance Education

  • Edith Orenstein
    COSO Publishes Exposure Draft Updating 1992 Internal Control...13
    blog entry posted December 21, 2011 by Edith Orenstein, tagged research, teaching in Edith Orenstein's Member Blog public
    title:
    COSO Publishes Exposure Draft Updating 1992 Internal Control Framework: Why Should You Care?
    body:

    On Dec. 19, 2011 the Commitee of Sponsoring Organizations of the Treadway Commission, whose founding members are the AAA, AICPA, FEI, IIA and IMA, announced the release of an Exposure Draft updating COSO's 1992 Internal Control-Integrated Framework (IC-IF). Why should you care? Why should your students care?

    For the past 20 years, COSO's IC-IF has been the 'gold standard' as a principles-based framework for internal control, particularly internal control over financial reporting, as evidenced by the reference to COSO in the SEC's and PCAOB's rulemaking requiring management reports, and an auditor's report, on the effectiveness of internal control over financial reporting.

    Input from constituents of all five of COSO's sponsoring organizations, and other stakeholders, is highly sought to help make the resulting revision of COSO's general IC-IF, and the related Guidance on Internal Control over External Financial Reporting (ICEFR) - to be released as a separate Exposure Draft in the Spring of 2012, more practical, and more sensible from a theoretical/principles based focus as well.

    COSO's framework is a tool which students in the field of financial reporting and beyond should be familiar with as they enter the business world.

    The comment deadline on the Exposure Draft for the update to COSO's IC-IF is March 31, 2012. Read more about COSO's ED in the FEI FInancial Reporting Blog, and keep up with the latest developments by visiting COSO's website, www.coso.org."

    By the way, FEI recently launched a second blog, authored by Tom Thompson of our research affiliate, the Financial Executives Research Foundation (FERF). Learn more about the FERF research blog.

  • Richard E Lillie
    Competency-based education is all the rage: What is it?9
    blog entry posted April 7, 2015 by Richard E Lillie, tagged research, teaching in Teaching with Technology > TwT public
    title:
    Competency-based education is all the rage: What is it?
    intro text:

    In his blog "OLDaily," Stephen Downes referenced an article published in The Tennessean (4/07/2015) titled Competency-based education is all the rage:  What is it?  The article was written by Kimberly K. Estep, Chancellor of WGU Tennessee (Western Governors University).

     

    Estep provides a great definition of competency-based education (CBE).  She provides an interesting example of how CBE works at WGU Tennessee.

     

    I'm interested in finding out whether your college or university has adopted any type of CBE programs, particularly for accounting.  If you have adopted a CBE for accounting or are considering doing this, please REPLY to this posting telling us about the program.

     

    Best wishes,

     

    Rick Lillie

     

    Rick Lillie, MAS, Ed.D., CPA (Retired)

    Associate Professor of Accounting, Emeritus

    CSUSB, CBPA, Department of Accounting & Finance

    5500 University Parkway, JB-547

    San Bernardino, CA.  92407-2397

     

    Email:  rlillie@csusb.edu

    Telephone:  (909) 537-5726

    Skype (Username):  ricklillie

     

     

  • Richard E Lillie
    12 Tech Innovators -- Who are Transforming Campuses6
    blog entry posted July 26, 2012 by Richard E Lillie, tagged research, teaching, technology, technology tools in Teaching with Technology > TwT public
    title:
    12 Tech Innovators -- Who are Transforming Campuses
    intro text:

    The Chronicle of Higher Education has published its first e-book titled Rebooting the Academy:  12 Tech Innovators Who Are Transforming Campuses.  The book is available through Amazon.com in Kindle format.

    Bob Jensen commented about the book in an AECM posting this morning.  Rather than purchasing the e-book at this point, I decided to learn something about the work of each innovator.  I discovered that the name of each innovator on the Chronicle web page is an active hyperlink to a support web page describing the innovator and his(her) work.

    Click the image below to access the "Technology" page (Thursday, July 26, 2012) in the Chronicle of Higher Education.  Click the name of an innovator to find out about the person's work.  Also, peruse the feedback comments at the bottom of the Chronicle web page.  The comments are quite good.

    If an innovator's stories tweaks your interest, you may want to search deeper for articles about the innovator's work. Alternatively, you may decide it's time to purchase the Kindle e-book.

    Enjoy!

    Rick Lillie (Cal State, San Bernardino)

     

     

  • Roger S Debreceny
    Forthcoming paper: Blogs as Research and Teaching Resources...2
    blog entry posted March 18, 2016 by Roger S Debreceny, tagged research, teaching in JIS Senior Editors' Blog public
    title:
    Forthcoming paper: Blogs as Research and Teaching Resources for Accounting Academics
    intro text:

    A forthcoming paper in JIS from Dr Glen Gray, California State University at Northridge, is entitled  Blogs as Research and Teaching Resources for Accounting Academics. So this is a blog about blogs!

    Glen Gray

    Dr Glen Gray

    body:

    If William Shakespeare was writing about blogs today, he would say something like "What’s in a name? A blog by any other name would still be just as sweet." Blogs are definitely a sweet source of timely information on a wide variety of topics for accounting- and AIS-related research and teaching. However, there is no absolute definition of blogs that can be used to determine whether a website is a blog or not. Blog is a label that a web master can give to his/her website or not. As working definition, a blog is a website where an individual (a blogger) or a group of individuals post observations and opinions regarding a specific topic and usually where readers can post comments. There is probably thousands of useful website that meet this definition but are not called blogs by the webmasters. Under this broad definition of blogs, social media (Facebook, Twitter, etc.) are blogs.

    Potentially useful blogs (and blog equivalents) are maintained by academics (inside and outside of the accounting domain), practitioners, large and small accounting firms, and accounting and technology vendors. The primary value of blogs is their immediacy because bloggers are very quick to post blogs regarding any events (new regulations, new lawsuits, new technologies, etc.) in the subject matter they are following. Bloggers archive their previous posts; accordingly, besides being very timely, blogs can also provide a rich history of specific subject matters. However, quoting the movie, How the Grinch Stole Christmas, “One man’s compost is another man’s potpourri.”  Blogs are not vetted or subject to independent review, consequently it’s caveat emptor when venturing into the blogosphere to collect information.  

    With that caution stated, different bloggers’ opinions—biased or not—on a specific topic or subject matter can be a valuable starting point or input for more rigorous research. These opinions can be transformed into testable hypothesis and subsequently accepted or rejected.

    These different bloggers’ opinions can also be a valuable teaching resource. Students can be assigned to locate several blogs on a specific topic, summarize differences found, and develop conclusions based on their review of the blogs and a rational for reaching those conclusions.

    The challenge is that locating applicable blogs is a messy and arbitrary process. Search of BlogSearchEngine.org (a Google app) on the term “accounting” returns 32 million results! Fortunately, the top listed accounting blogs are frequently lists of blogs (e.g. 50 Accounting Blogs You Should Follow at blog.directcapital.com).  In addition to traditional web searches (e.g., google.com), there are specialized blog directories that provide another method to locate blogs. One place to start is 23 Blog Directories to Submit Your Blog To (www.searchenginejournal.com/20-essential-blog-directories-to-submit-your-blog-to).

    To completely realize the value of blogs, you should also search for websites that have all the characteristics of blogs, but are not labeled blogs. For example, in addition to specifically labeled blogs, both large and small accounting firms publish newsletters, alerts, and perspectives that have all of the characteristics blogs. These blog-equivalents cover a wide variety of topics and be included in any search for blogs for research or teaching.

  • AAA HQ
    2015 Inaugural Event2
    announcement posted September 14, 2015 by AAA HQ, tagged AiBD, practice, public interest, research, teaching in Accounting IS Big Data (AiBD) > AiBD Conference 2015 public
    headline:
    2015 Inaugural Event
    details:

    The AAA's Centers for Advancing Accounting hosted their inaugural event: the Accounting IS Big Data Conference, on September 3-4, 2015 in New York City at the New York Marriott Marquis located in the heart of Times Square. 

    The meeting was amazing.  If you did not attend, you will still be able to participate! The sessions were all video taped and will be made available to AAA members shortly. Case materials used during the conference will also be made available to AAA academic members soon. (Click on the Conference "Members Only" button above.)

  • Richard E Lillie
    Dark Side of the Internet: Students can find almost...1
    blog entry posted December 15, 2015 by Richard E Lillie, tagged research, teaching, technology in Teaching with Technology > TwT public
    title:
    Dark Side of the Internet: Students can find almost anything on the Internet
    intro text:

    For many years, I have taught accounting courses in face-to-face, blended, and fully online formats.  Of the three instructional methods, I thoroughly enjoy teaching courses in the fully online format.  My personal logo reflects the challenge of doing this.

    While undergraduate courses tend to be somewhat "nuts-n-bolts" focused, graduate courses (both MBA and Master's of Accountancy) are broader in scope, require a lot of writing and presentations, include case studies, team collaboration and online research.  For both undergraduate and graduate courses, the Internet is an important support resource for the teaching-learning process.  The Internet can be either a good resource or a not-so-good resource depending on intent with which it is used.

    During recent academic terms, I have noticed a significant increase in the use of what I call the "Dark Side of the Internet."  By this I mean the increasing student use of the Internet as a source for finding solutions to class assignments, solutions to exam questions, solutions for case studies, and engaging others who will write papers for students for a fee.  While unethical, this type of behavior does not seem to cause even a "blink of an eye" for students who gravitate toward "Dark Side" activity.  This trend includes students completing courses in all three course delivery formats (i.e., face-to-face, blended, and fully online).

    I am amazed when a student turns in an assignment prepared by someone else and considers the assignment to be his(her) own work.  The fact that the submitted assignment is NOT his(her) own work does not seem to be a matter of concern.  After all, the student paid a fee for a service.

    I am updating an online graduate course that I am teaching during upcoming Spring 2016.  I plan to include a few short case studies to be used for team projects.  Course topics are interesting, challenging, and intense.  The projects are well-suited for the team and case study formats.  The cases are good examples of the old adage "more heads may be better than one."  Team discussion and research are integral parts of preparing a case solution.

    I have been searching for appropriate case studies for the course.  Each time I find an interesting case study, the first thing I do is perform an online search for the case study title. This is where things get interesting very quickly.

    Over and over again, the title of the case study pops up on the screen with a URL that links to a website that promises a "high quality" solution for the case study with the claim that an "A" grade is only a click away!  How could a student whether undergraduate or graduate resist this kind of temptation.

    Below are statements posted on the home page of a "case writing service" offering "personalized case solutions for you."  Of course, "personalized case solutions" cost money.

    • "We offer personalized solutions to any business case, individually written by.....graduates from top North American universities."
    • "We guarantee your cases will be written individually which means there is no chance of plagiarism.  We provide answers....at a reasonable price!"
    • "We pride ourselves in quality work.  Having completed over 1,000...business cases, as well as 500+ case solutions from other organizations, you are guaranteed a quality solution."
    • "Please browse out site and do not hesitate to contact us with any questions.  We will gladly solve your case and please remember, an 'A' grade is only a click away!"

    Students find these "Internet resources" pretty easily.  A quick search using almost any search engine turns up links like the ones shown below.

    While I thoroughly enjoy the challenge of teaching in the online format, I am both challenged and frustrated by students who feel that cheating and unethical behavior are acceptable.  In a recent online class, I read short essay responses that were word-for-word from the author's suggested solution for a textbook end-of-chapter ethics question.  What are the odds of a student or team coming up with an exact word-for-word answer?  Astronomical?

    I recently came across an interesting blog post on a website called "Online Schools Center."  The focus of the post was "How Students Cheat Online."  I especially liked a comment in the post that addressed my concern about being both challenged and frustrated by students who feel that cheating and unethical behavior is acceptable.  Below is the comment.

    As I update course materials for my upcoming Spring 2016 course, I will write about ways that I build into my course design that I "hope" will motivate students not to engage in Dark Side activities.

    Some methods that I have built into my course designs have worked pretty well.  Unfortunately, others have failed.  I have always heard that "failure" is the first step toward success.  If this is true, then I'm certainly headed in the right direction.

    Tell me what you think about this posting.  I hope my comments will start a conversation on a topic that we all face one way or another.

    Best wishes,

     

     

     

     

  • Roger S Debreceny
    Aggravated Cybersecurity Risks Implications for Accounting...1
    blog entry posted April 22, 2014 by Roger S Debreceny, tagged research, teaching in JIS Senior Editors' Blog public
    title:
    Aggravated Cybersecurity Risks Implications for Accounting and Auditing Research and Practice
    intro text:

    There have been a number of important cybersecurity breaches in recent months. This blog posting reviews some of these cybersecurity breaches and points to some of the guidance and standards that assist organizations in building reliable and repeatable security infrastructure. The blog analyzes recent guidance on cybersecurity risks from the Center for Audit Quality, which I see as a taking an overly conservative view of the implications of the risk environment for internal control over financial reporting. Finally, I canvass the implications for the academic research community.

    body:

    Aggravated Cybersecurity Risks
    Implications for Accounting and Auditing Research and Practice

    A Heightened Threat Environment

    Over the last several months we have seen some important cybersecurity challenges faced by several organizations. Probably the most important of these challenges was the breach of credit card and customer data faced by Target Corporation. The attack on Target Corporation, Nieman Marcus and many other organizations are all indicative of a heightened threat environment. In this blog posting, I review some of these cybersecurity breaches and point to some of the guidance and standards that assist organizations in building reliable and repeatable security infrastructure. In my view, there are clear implications of the heightened cybersecurity risks for the conduct of IT audit, which is a core concern for the accounting information systems community that is served by the Journal of Information Systems. I analyze recent guidance on cybersecurity risks from the Center for Audit Quality, which I see as a taking an overly conservative view of the implications of the risk environment for internal control over financial reporting. Finally, I canvass the implications for the academic research community.

    Target and Nieman Marcus breaches

    In December 2013, Target Corporation confirmed that information on more than 40m credit and debit card were exfiltrated from their networks. In January, Target disclosed that, in addition to the loss of card information, that information on “guests” was stolen, including “names, mailing addresses, phone numbers or email addresses for up to 70 million individuals” (goo.gl/Gz1Hev).  In a world where loss of personal data seems a daily occurrence, these are truly startling numbers. There are clearly severe implications of the breach for Target in direct costs, an array of class action legal suits, suits against Target from attorneys-general in states and territories and enforcement actions by regulators, notably the Federal Trade Commission. Target is also likely to face action from credit card issuers through Payment Card Industry Security Standards Council (PCI). Indeed, just in September 2013 Target had been certified as compliant with PCI-DSS.

    The Congress has not been silent in the matter, with hearings from the Commerce and Judiciary committees. While working on my teaching, I watched the Commerce Committee hearing with Target, Niemann Marcus, the University of Maryland and representatives of the FTC and VISA (the hearings are archived at goo.gl/TSrcrN). The hearings were enlightening, and are highly recommended if you have a spare four hours available. Appearing in front of the Committee, amongst others, were John J. Mulligan, CFO of Target Corporation and Dr. Wallace Loh, President of the University of Maryland. The university suffered a breach of identifying information of more than 300,000 students and alumni.

    Concomitantly with the hearings, the Commerce Commission published an analysis of the Target breach in a delightfully titled majority staff report “A “Kill Chain” Analysis of the 2013 Target Data Breach” (goo.gl/zRnKBe). The report provides an excellent overview of the timelines in the breach, the technologies involved and the various breakdowns in Target’s monitoring and controls. The Executive Summary of the report notes that:

    Key points at which Target apparently failed to detect and stop the attack include, but are not limited

    to, the following:

    • Target gave network access to a third-party vendor, a small Pennsylvania HVAC company, which did not appear to follow broadly accepted information security practices. The vendor’s weak security allowed the attackers to gain a foothold in Target’s network.
    • Target appears to have failed to respond to multiple automated warnings from the company’s anti-intrusion software that the attackers were installing malware on Target’s system.
    • Attackers who infiltrated Target’s network with a vendor credential appear to have successfully moved from less sensitive areas of Target’s network to areas storing consumer data, suggesting that Target failed to properly isolate its most sensitive network assets.  Target appears to have failed to respond to multiple warnings from the company’s anti-intrusion software regarding the escape routes the attackers planned to use to exfiltrate data from Target’s network (p. i)

     

    Using publicly available information on the breach, the Commerce Committee report shows how the bad actors were able to leverage compromised e-business partner credentials to gain access to Target’s networks. Unsurprisingly, the credentials from the e-business partner were obtained following spear phishing attacks. The report shows how multiple urgent alerts from behavioral network monitoring software were ignored by Target’s security personnel. Figure 5 of the report shows the points in the kill chain where Target missed opportunities to prevent the exfiltration of information. Unfortunately, the report does not provide details on how the bad actors were able to gain access to the “guest” data, which is of significantly greater value to those actors than credit or debit cards.

    Figure 6 of the report gives a timeline of the breach, showing the length and complexity of the kill chain:

    The Commerce Committee has been active in promotion of national legislation but without much success thus far. There is draft legislation (“The Data Security and Breach Notification Act”) before the Commerce Committee but other similar bills from the House and Senate have withered away and this bill will probably suffer the same fate.

    Recent developments in guidance

    Over the years, the security standards landscape has been heavily populated. ISO/IEC17799, now renumbered as ISO/IEC27002 provides a useful framework for security management. The COBIT IT governance framework has always had security as a core component.  COBIT 5 for Information Security presents an IT security centric view of COBIT. The NIST 800 series from the National Institute of Standards and Technology (NIST) provide guidance for federally regulated organizations such as financial institutions. At the national level, in February NIST published its “Framework for Improving Critical Infrastructure Cybersecurity” (goo.gl/a41MrX). This framework was a response to an executive order from President Obama in 2013. To readers of the other guidance listed above, the framework will be familiar. The framework describes four tiers that “describe an increasing degree of rigor and sophistication in cybersecurity risk management practices and the extent to which cybersecurity risk management  is informed by business needs and is integrated into an organization’s overall risk management practices.” The tiers are closely aligned to the levels of process maturity in CMM and CMMI. Importantly, the framework does not see the world ab initio. Rather, it is tightly coupled with COBIT 5, ISO and NIST 800. What is important about the Framework is that it represents a national and integrated perspective on hardening information security defenses for a wide range of organizations.

    Reaction by regulators in the securities and audit domain

    The issue of information security has also been of heightened interest to the Securities and Exchange Commission (SEC). The Commission held an all-day Cybersecurity Forum in March archived at goo.gl/JAOoj8. There were four panels on the “cybersecurity landscape,” “public company disclosure,” “market systems,” and “broker-dealers, investment advisers, and transfer agents.” Panelists included Mary E. Galligan, Director, Cyber Risk Services, Deloitte & Touche; Adam Sedgewick, Senior Information Technology Policy Advisor, National Institute of Standards and Technology The quality of the archived webcast reminds me of video on the Internet in the last millenium, but is well worth while listening to.

    The response to the increased threat environment by other regulators and professional organizations closer to the accounting and AIS community has been mixed. A search for “cybersecurity” on the PCAOB website turned up only the following November 2013 statement from PCAOB Board Member Harris in the context of the Board’s strategic direction (see goo.gl/f2v3DX):  

    The Board will also continue to monitor current events and emerging trends that may lead to increased audit risk. For example, cybersecurity risk recently has become a topic of concern for the Securities and Exchange Commission and other financial regulators.  Such risk pose significant issues for companies such as: increased security costs; loss of material intellectual property; claims by customers; and litigation. Therefore, I believe that auditors must examine the internal controls companies have in place to address such risks. I think it important that the Board will consider forming an internal task force and preparing a practice alert related to cybersecurity and its impact on audits. I support the formation of such a task force and the issuance of an audit alert, if the Board deems such an alert appropriate.

     There were also a comment by one of the participants in the most recent meeting of the Board’s Strategic Advisory Group (SAG) pointing to the significantly elevated importance of cybersecurity in the mindshare of corporate board and audit committee members. There seems, however, to be no concrete action by the PCAOB on security at any point in its history. Similarly, a search of the Auditing Standards Board did not reveal any targeted (so to speak) action on security.

    Prior to the aforementioned SEC roundtable, the Center for Audit Quality (CAQ) issued a practice alert on “Cybersecurity and the External Audit” (available at http://goo.gl/oG1bJ0). In absence of detailed guidance from the PCAOB or ASB, the practice alert presents the best guide to thinking in the auditing community on the implications of cybersecurity for the external audit. I encourage all in the AIS community to read the practice alert. I am, however, concerned that the practice alert downplays the risks to internal control and ultimately to the integrity of financial reporting that comes from information security threats. The alert states:

    The responsibility of the independent auditor relates to the audit of the  financial statements and, when applicable, the audit of internal control over financial reporting (ICFR). The financial reporting-related information technology (IT) systems and data that may be in scope for the external audit usually are a subset of the aggregate systems and data used by companies to support their overall business operations and may be separately managed or controlled. Accordingly, the financial statement and ICFR audit responsibilities do not encompass an evaluation of cybersecurity risks across a company’s entire IT platform.

    It is difficult to quibble with this statement. Many corporations will have production systems running on different local area networks quite distinct from those systems such as sales systems that feed the core accounting applications or the core accounting applications themselves. The “entire IT platform” is not in scope. The alert goes on to state, however, that:

    Systems and data in scope for most audits usually are a subset of the totality of systems and data used by companies to support their overall business operations, and the audit’s focus is on access and changes to systems and data that could impact the financial statements and the effectiveness of ICFR. In contrast, a company’s overall IT platform includes systems (and related data) that address the operational, compliance and financial reporting needs of the entire organization.

    From an operational risk or privacy perspective, companies implement processes and controls to restrict access to their systems, applications and data, including third party records and other sensitive information. Accordingly, given the focus on a narrower slice of a company’s overall IT platform, the execution of an audit of the financial statements and ICFR in accordance with professional standards likely would not include areas that would address such a cybersecurity breach. However, if information about a material breach is identified, the auditor would need to consider the impact on financial reporting, including disclosures, and the impact on ICFR. (Emphasis added).

    This seems almost dangerously naïve. The practice alert argues, essentially, that application systems that are within the scope of ICFR are typically corralled from other operational systems. Therefore the external auditor need not concern herself with broader questions of information security and cybersecurity risks and controls. If recent events such as the Target Corporation and Neiman Marcus breaches teach us anything, they teach us that cybercriminals are capable of burying deep within corporate networks and attacking a wide variety of application systems. As the Commerce Committee staff report on Target notes, “it appears that the attackers succeeded in  moving through various key Target systems.” Just because an ERP or General Ledger system is on a different local area network than a production management or logistics systems does not, in my view, reduce the risk of external attack. Given the centrality of accounting information systems to the functioning of corporations; the wealth of data that resides on those systems that is likely to be of great interest to cybercriminals, surely the external auditor should consider the potential risks that come from cybersecurity threats. Perhaps the CAQ had a typographical mishap and the word “not,” highlighted above, was not meant to be in the alert?

    Information Security and the Accounting Information Systems Research Community

    And now we turn to the role played by our accounting, auditing and AIS research community in general and the Journal of Information Systems in particular. How well has the accounting and auditing research community faced the challenge faced by enterprises, governments and not-for-profits? Not well. As a quick metric, I searched the last five years of abstracts of papers published in all AAA journals, using the keywords “security,” “cybersecurity challenges,” and “information security.” The search revealed only six references, interestingly all published in the Journal of Information Systems. This compares with 64 papers on “earnings management” and 72 papers on “audit fees” and “audit pricing.”

    In the broader academic community, there are a limited number of initiatives from the AIS community that involved information security. For the last many years, Efrim Boritz at the University of Waterloo has organized a biennial symposium on information assurance, which touches lightly on information security. Accounting at the Robert H Smith School of Business at the University of Maryland, is organized into the  Accounting and Information Assurance (AIA) Department with Larry Gordon and Marty Loeb conducting vital research on information security. At Akron University, Akhilesh Chandra and Thomas Calderon along with other colleagues organize an annual symposium on information security, hosted by the Center for Research and Training in Information Security and Assurance (CReTISA). While individually important, these initiatives are hardly indicative of a robust teaching and research attack on information security in our community.

     

    As senior editors of the Journal of Information Systems, Mary Curtis and I are very much interested in publishing leading edge research in information security. As might be imagined, we are particularly interested in papers that have a strong connection with our accounting and auditing community. The first theme issue we initiated was on Information Security. The theme issue is edited by Dr Akhilesh Chandra, Professor of Accounting and Director of the Institute for Global Business, The University of Akron and Carlin Dowling, Associate Professor at The University of Melbourne. Papers close on October 15 and the call for papers is at aaahq.org/InfoSys/JIS/calls/InfoSecurity2014_Oct.pdf. 

    Roger Debreceny
    Senior Editor
    Journal of Information Systems

    April 2014

  • Richard E Lillie
    Salman Khan -- A Breath of Fresh Air in Instructional Design...1
    blog entry posted February 8, 2014 by Richard E Lillie, tagged research, teaching, technology in Teaching with Technology > TwT public
    title:
    Salman Khan -- A Breath of Fresh Air in Instructional Design -- Makes Me Think!
    intro text:

    Earlier today, Bob Jensen posted a link on AECM to a Harvard Business Review article (January-February 2014) titled Life's Work: Salman Khan.  I've written about Salman Khan and the Khan Academy several times before.  I use technology extensively in my course designs.  Where appropriate, I draw on Khan's methods and techniques to improve what I do for my students.

    Salman Khan

    Like Salman Khan, I am very much student-centered in my approach to designing the teaching/learning experience.  My approach to teaching came from the years when I was an audit manager in the National Continuing Education Department at Grant Thornton International (GTI).  I quickly learned that you do not teach adult learners.  Rather, you guide them through a learning process.  Adult learners take responsibility for their own learning.

    In the HBR article, Khan states that "one meta-level thing is to take agency over your own learning."  I agree with his statement.  However, I think it is important to understand the point at which a learner may be development wise.

    Taking "agency" (responsibility) for your own learning assumes a learner has the maturity needed for this level of responsibility.  I believe this is where faculty play a major role in the teaching/learning process.  I don't equate "tech-savviness" with "maturity."  Just because someone can interact with others on Facebook and Twitter does not necessarily make the person ready to take total control of the teaching/learning process.

    A learner in the "becoming stage" (i.e., in the process of earning a degree or credential) needs guidance, influence, and a structured learning process.  Whereas, a learner who has moved beyond the "becoming stage" (i..e, has earned a degree or credential) into the "continuing education stage" has reached the point of personal development where it is OK to do whatever turns you on.  Learning is more "learning for learning's sake." 

    Khan states that Khan Academy is all about giving more breathing room to the learner.  He believes he can use technology to deliver information at a student's pace.  He says "there is something you get only from a human voice..It's incredibly valuable."  On this, Khan and I agree.  

    I learned the art of instructional design by the seat of my pants.  I quickly realized that "CPA" stood for "cut, paste, and attach."  I created some pretty interesting instructional materials with a pencil, ruler, invisible tape, IBM Selectric typewriter, a variety of font balls, colored markers, and some fairly modest software applications.  I was amazed what I could accomplish with an Apple2Plus computer.  This all brings back a lot of enjoyable memories.

    While at GTI, I started experimenting with computer-based instructional design.  I played around with sound and video.  It was difficult to do and include in course design.  The technology was far too clunky, complicated to use and far too expensive.  While experimenting, I began to follow the work of Ruth Colvin Clark and Richard E. Mayer dealing with multimedia learning.

    Khan's methodology is all about connecting with the learner in ways that empower the learner to progress as quickly as the learner is capable of doing.  I agree with this objective to a point.

    Rick Lillie, CSU San Bernardino

     

     

     

  • Richard E Lillie
    CHANGING HIGHER EDUCATION1
    blog entry posted November 14, 2012 by Richard E Lillie, tagged research in Teaching with Technology > TwT public
    title:
    CHANGING HIGHER EDUCATION
    intro text:

    Today, I learned about an outstanding blog published by Lloyd Armstrong titled Changing Higher Education.  He writes about a rapidly changing world driven by powerful forces such economics.politics, demographics, religion and technology.  Armstrong suggests that American universities have been affected only marginally by these forces so far; but, imagines it difficult to believe universities will not be changed in significant, perhaps radical, ways over the next few decades.  Armstrong focuses on forces impacting higher education.  I believe you will find this website to be a tremendous resource that challenges your thinking about what is happening in higher education.

    Rick Lillie (CSU San Bernardino)