Assistant Professor, Information Systems

Professor W. Alec CramOffice: HH 290A

Contact: 519-888-4567, ext. 38060



Alec graduated from Queen’s University in 2002 and worked as an IT Audit Manager at Deloitte before completing his MSc (2009) and PhD (2013). He is also a Certified Information Systems Auditor (CISA) and Certified Information Systems Security Professional (CISSP). Prior to joining the University of Waterloo, Alec was on the faculty of Bentley University from 2013-2019. His research focuses on how information systems governance and control initiatives can contribute to improving the performance of organizational processes. Alec's work has been published or is forthcoming in a variety of outlets, including the Information Systems Journal, European Journal of Information Systems, MIS Quarterly, Journal of the Association for Information Systems, Information & Management, and Information Systems Research.

Selected Publications

Cram, W. A., Wiener, M. S. (2020). Technology-Mediated Control: Case Examples and Research Directions for the Future of Organizational Control. Communications of the Association for Information Systems, 46 (4), 70-91.

Wiener, M. S., Mähring, M., Remus, U., Saunders, C., Cram, W. A. (2019). Moving IS Project Control Research into the Digital Era: The ‘Why’ of Control and the Concept of Control Purpose. Information Systems Research, 30 (4), 1387-1401.

Cram, W. A., D'Arcy, J., Proudfoot, J. G. (2019). Seeing the Forest and the Trees: A Meta-Analysis of the Antecedents to Information Security Policy Compliance. MIS Quarterly, 43 (2), 525-554.

Cram, W. A. (2019). Agile Development in Practice: Lessons from the Trenches. Information Systems Management, 36 (1), 2-14.

Cram, W. A., Wiener, M. S. (2018). Perceptions of Control Legitimacy in Information Systems Development. Information Technology & People, 31 (3), 712-740.

Cram, W. A., Marabelli, M. (2018). Have Your Cake and Eat it Too? Simultaneously Pursuing the Knowledge Sharing Benefits of Agile and Traditional Development Approaches. Information & Management, 55 (3), 322-339.

Cram, W. A., Proudfoot, J. G., D'Arcy, J. (2017). Organizational Information Security Policies: A Review and Research Framework. European Journal of Information Systems, 26 (6), 605-641.

Cram, W. A., Gallupe, R. B. (2016). A Method to Evaluate Information Systems Control Alignment. Journal of Information Systems, 30 (1), 117-135.

Cram, W. A., Brohman, M. K., Gallupe, R. B. (2016). Information Systems Control: A Review and Framework for Emerging Information Systems Processes. Journal of the Association for Information Systems, 17 (4), 216-266.

Cram, W. A., Brohman, M. K., Gallupe, R. B. (2016). Hitting a moving target: A process model of information systems control change. Information Systems Journal, 26 (3), 195-226.

Cram, W. A., D'Arcy, J. (2016). Teaching Information Security in Business Schools: Current Practices and a Proposed Direction for the Future. Communications of the Association for Information Systems, 39 (1), 32-51.

Cram, W. A., Newell, S. (2016). Mindful Revolution or Mindless Trend? Examining Agile Development as a Management Fashion. European Journal of Information Systems, 25 (2), 154-169.

Cram, W. A., Brohman, M. K., Chan, Y. E., Gallupe, R. B. (2016). Information Systems Control Alignment: Complementary and Conflicting Systems Development Controls. Information & Management, 53 (2), 183-196.

Cram, W. A., Brohman, M. K., Gallupe, R. B. (2015). Addressing the Control Challenges of the Enterprise Architecture Process. Journal of Information Systems, 29 (2), 161-182.

Cram, W. A., Brohman, M. K. (2013). Controlling Information Systems Development: A New Typology for an Evolving Field. Information Systems Journal, 23 (2), 137-154.

University of Waterloo

Profiles by type