This paper describes the process of inducting theory using case studies—from specifying the research questions to reaching closure. Some features of the process, such as problem definition and construct validation, are similar to hypothesis-testing research. Others, such as within-case analysis and replication logic, are unique to the inductive, case-oriented process. Overall, the process described here is highly iterative and tightly linked to data. This research approach is especially appropriate in new topic areas. The resultant theory is often novel, testable, and empirically valid. Finally, framebreaking insights, the tests of good theory (e.g., parsimony, logical coherence), and convincing grounding in the evidence are the key criteria for evaluating this type of research.
I appreciate the helpful comments of Paul Adler, Kennith Bettenhausen, Constance Gersick, James Frederickson, James Jucker, Deborah Myerson, Dorothy Leonard-Barton, Robert Sutton, and the participants in (the Stanford NIMH Colloquium. I also benefitted from informal conversations with many participants at the National Science Foundation Conference on Longitudinal Research Methods in Organizations, Austin, 1988.
- © Academy of Management Review
Your browser is not secure
You're seeing this page because your web browser tried to connect to Warwick's website with insecure settings. Please upgrade your web browser.
The TLS 1.0 encryption protocol is disabled across the University's web services. Disabling TLS 1.0 prevents it from being used to access Warwick websites via an insecure web browser or application. We've made this change to keep the University's websites safe and secure.
What do I need to do?
When accessing websites using a web browser, ensure you use the latest available version of the browser – whether that is Internet Explorer, Google Chrome, Mozilla Firefox, Safari or another browser. Using the latest version keeps you safe online because you're using the most up-to-date security settings.
Why is this happening?
Although TLS 1.0, when configured properly, has no known security vulnerabilities, newer protocols are designed better to address the potential for new vulnerabilities.
The PCI Data Security Standard 3.1 recommends disabling “early TLS”:
“SSL and early TLS are not considered strong cryptography and cannot be used as a security control after June 30, 2016 [without a mitigation strategy for disabling it before June 2018].
The best response is to disable SSL entirely and migrate to a more modern encryption protocol, which at the time of publication is a minimum of TLS v1.1, although entities are strongly encouraged to consider TLS v1.2.”
We need to be PCI-compliant to take online payments at the University. It is not sufficient to merely disable TLS 1.0 on our transaction tracking system as the requirement extends to any system that initiates a payment, including car parking, printer credits, the Warwick website, etc.