Office: HH 290A
Contact: 519-888-4567, ext. 38060
Alec graduated from Queen’s University in 2002 and worked as an IT Audit Manager at Deloitte before completing his MSc (2009) and PhD (2013). He is also a Certified Information Systems Auditor (CISA) and Certified Information Systems Security Professional (CISSP). Prior to joining the University of Waterloo, Alec was on the faculty of Bentley University from 2013-2019. His research focuses on how information systems governance and control initiatives can contribute to improving the performance of organizational processes. Alec's work has been published or is forthcoming in a variety of outlets, including the Information Systems Journal, European Journal of Information Systems, MIS Quarterly, Journal of the Association for Information Systems, Information & Management, and Information Systems Research.
Wiener, M. S., Mähring, M., Remus, U., Saunders, C., Cram, W. A. Moving IS Project Control Research into the Digital Era: The ‘Why’ of Control and the Concept of Control Purpose. Information Systems Research. Forthcoming
Cram, W. A., Wiener, M. S. Technology-Mediated Control: Case Examples and Research Directions for the Future of Organizational Control. Communications of the Association for Information Systems. Forthcoming
Cram, W. A., D'Arcy, J., Proudfoot, J. G. (2019). Seeing the Forest and the Trees: A Meta-Analysis of the Antecedents to Information Security Policy Compliance. MIS Quarterly, 43 (2), 525-554.
Cram, W. A. (2019). Agile Development in Practice: Lessons from the Trenches. Information Systems Management, 36 (1), 2-14.
Cram, W. A., Wiener, M. S. (2018). Perceptions of Control Legitimacy in Information Systems Development. Information Technology & People, 31 (3), 712-740.
Cram, W. A., Marabelli, M. (2018). Have Your Cake and Eat it Too? Simultaneously Pursuing the Knowledge Sharing Benefits of Agile and Traditional Development Approaches. Information & Management, 55 (3), 322-339.
Cram, W. A., Proudfoot, J. G., D'Arcy, J. (2017). Organizational Information Security Policies: A Review and Research Framework. European Journal of Information Systems, 26 (6), 605-641.
Cram, W. A., Gallupe, R. B. (2016). A Method to Evaluate Information Systems Control Alignment. Journal of Information Systems, 30 (1), 117-135.
Cram, W. A., Brohman, M. K., Gallupe, R. B. (2016). Information Systems Control: A Review and Framework for Emerging Information Systems Processes. Journal of the Association for Information Systems, 17 (4), 216-266.
Cram, W. A., Brohman, M. K., Gallupe, R. B. (2016). Hitting a moving target: A process model of information systems control change. Information Systems Journal, 26 (3), 195-226.
Cram, W. A., D'Arcy, J. (2016). Teaching Information Security in Business Schools: Current Practices and a Proposed Direction for the Future. Communications of the Association for Information Systems, 39 (1), 32-51.
Cram, W. A., Newell, S. (2016). Mindful Revolution or Mindless Trend? Examining Agile Development as a Management Fashion. European Journal of Information Systems, 25 (2), 154-169.
Cram, W. A., Brohman, M. K., Chan, Y. E., Gallupe, R. B. (2016). Information Systems Control Alignment: Complementary and Conflicting Systems Development Controls. Information & Management, 53 (2), 183-196.
Cram, W. A., Brohman, M. K., Gallupe, R. B. (2015). Addressing the Control Challenges of the Enterprise Architecture Process. Journal of Information Systems, 29 (2), 161-182.
Cram, W. A., Brohman, M. K. (2013). Controlling Information Systems Development: A New Typology for an Evolving Field. Information Systems Journal, 23 (2), 137-154.