Towards a conceptual definition for IT assets through interrogating their nature and epistemic uncertainty

Abstract

Security breaches and consequentially reputational risk are upon us on an almost daily basis. They are part of the risk that beset organizations as they innovate and derive value from their information technology (IT) investments. IT assets that must be identified and safeguarded, and values extracted from them are contributors to the risk. Literature is awash with models of threats to assets and use of mid-range theories. There is a growing literature on digital technologies within digital transformation. However, intrinsic nature and epistemic uncertainty of IT assets have not received attention. Therefore, how can a conceptual definition for IT assets flow from understanding their nature, given their inherent epistemic uncertainty? Drawing from critical realism principles, this paper investigates existing definitions for- and re-interrogates the tangible nature (tangibility) of IT assets. It was found that despite their ubiquity and due to their evolving nature, IT assets lack universal understanding and definition. Executives (and professionals) views about IT assets are informed by their industry sector and role (present and/or previous). Consequently, this paper recommends a conceptual definition of IT assets that would assist; with coherence in the asset identification stage of risk assessment, (possibly IT audits and IT valuation programs), with understanding of the intrinsic nature of IT assets in themselves, and aid organizations in holistically engaging with IT assets. This paper's IT assets definition contributes to the call for theorizing the “IT” in IT. It poses new probing questions about ‘old’, ‘established’ beliefs as IT assets evolve in the era of digital transformation, fourth industrial revolution, knowledge economy and beyond.