S.A. Kokolakis, A.J. Demopoulos and E.A. Kiountouzis
The increasing reliance of organisations on information systems connected to or extending over open data networks has established information security as a critical success factor…
Abstract
The increasing reliance of organisations on information systems connected to or extending over open data networks has established information security as a critical success factor for modern organisations. Risk analysis appears to be the predominant methodology for the introduction of security in information systems (IS). However, risk analysis is based on a very simple model of IS as consisting of assets, mainly data, hardware and software, which are vulnerable to various threats. Thus, risk analysis cannot provide for an understanding of the organisational environment in which IS operate. We believe that a comprehensive methodology for information systems security analysis and design (IS‐SAD) should incorporate both risk analysis and organisational analysis, based on business process modelling (BPM) techniques. This paper examines the possible contribution of BPM techniques to IS‐SAD and identifies the conceptual and methodological requirements for a technique to be used in this context. Based on these requirements, several BPM techniques have been reviewed. The review reveals the need for either adapting and combining current techniques or developing new, specialised ones.
Details
Keywords
The purpose of this paper is to make explicit why security needs to be viewed as a core activity and why senior management need to view security from a holistic perspective…
Abstract
Purpose
The purpose of this paper is to make explicit why security needs to be viewed as a core activity and why senior management need to view security from a holistic perspective. Reference is made to various activities carried out by computer hackers and the costs associated with computer related crime.
Design/methodology/approach
A literature review was undertaken and a conceptual security model was produced. The key elements of the activities associated with security were highlighted and the links between the activities were made clear.
Findings
Organized criminal syndicates and international terrorist groups are increasing their level of activity. Senior managers within companies need to put in place an intelligence and security strategy to counter the activities of criminals and terrorists. Furthermore, senior managers will in the future have to work more closely with law enforcement representatives and industry representatives. They will also have to develop an appreciation of the strategic intelligence objectives of various governments. There is also evidence that senior management need to pay greater attention to identifying future threats associated with advances in internet technology.
Research limitations/implications
More attention will need to be given to how facilitating technology such as the internet is providing computer hackers and criminals with ways to either disrupt business activities or extend the range of criminal activities that they are engaged in.
Practical implications
Senior management will need to refocus on the capability of staff vis‐à‐vis corporate intelligence and security work. The learning organization concept can be embraced and can be used to assist staff to identify the advantages associated with effective knowledge management. Scenario analysis and simulation exercises can be used to train staff in emergency work, and disaster management and prevention.
Originality/value
A diverse range of topics is covered and integrated into a security‐oriented context. Attention is focused on the link between organized criminal syndicates and international terrorist groups, and why senior managers in companies need to be engaged in disaster management recovery planning. The material highlights why senior managers in companies need to develop business contingency plans and embrace the counterintelligence concept.
Details
Keywords
Elspeth McFadzean, Jean‐Noel Ezingeard and David Birchall
Information security is becoming increasingly more important as organisations are endangered by a variety of threats from both its internal and external environments. Many…
Abstract
Purpose
Information security is becoming increasingly more important as organisations are endangered by a variety of threats from both its internal and external environments. Many theorists now advocate that effective security policies should be created at senior management level. This is because executives are able to evaluate the organisation using a holistic approach as well as having the power to ensure that new systems and procedures are implemented in a timely manner. There is, however, a continuing lack of understanding regarding the strategic importance of managing information security. In addition, there is a gap in the literature on the relationship between directors and information security strategy. This paper attempts to close this gap by exploring how directors perceive their organisation's security and what factors influence their decisions on the development and implementation of information security strategy.
Design/methodology/approach
The research is based on constructivist grounded theory. Forty‐three interviews were conducted at executive level in 29 organisations. These interviews were then coded and analysed in order to develop new theory on directors' perception of risk and its effect on the development and implementation of information security strategy.
Findings
The analysis shows that senior managers' engagement with information security is dependent on two key variables: the strategic importance of information systems to their organisation and their perception of risk. Additionally, this research found that these two variables are affected by both organisational contextual factors and the strategic and operational actions undertaken within the business. Furthermore, the results demonstrated that the two board variables also have an impact on the organisation's environment as well as its strategic and operational actions. This paper uses the data gathered from the interviews to develop a model of these factors. In addition, a perception grid is constructed which illustrates the potential concerns that can drive board engagement.
Practical implications
The paper illustrates the advantages of using the perception grid to understand and develop current and future information security issues.
Originality/value
The paper investigates how organisational directors perceive information security and how this perception influences the development of their information security strategy.
Details
Keywords
Ashleigh Saunders and Karen E. Waldie
Autism spectrum disorder (ASD) is a lifelong neurodevelopmental condition for which there is no known cure. The rate of psychiatric comorbidity in autism is extremely high, which…
Abstract
Purpose
Autism spectrum disorder (ASD) is a lifelong neurodevelopmental condition for which there is no known cure. The rate of psychiatric comorbidity in autism is extremely high, which raises questions about the nature of the co-occurring symptoms. It is unclear whether these additional conditions are true comorbid conditions, or can simply be accounted for through the ASD diagnosis. The paper aims to discuss this issue.
Design/methodology/approach
A number of questionnaires and a computer-based task were used in the current study. The authors asked the participants about symptoms of ASD, attention deficit hyperactivity disorder (ADHD) and anxiety, as well as overall adaptive functioning.
Findings
The results demonstrate that each condition, in its pure form, can be clearly differentiated from one another (and from neurotypical controls). Further analyses revealed that when ASD occurs together with anxiety, anxiety appears to be a separate condition. In contrast, there is no clear behavioural profile for when ASD and ADHD co-occur.
Research limitations/implications
First, due to small sample sizes, some analyses performed were targeted to specific groups (i.e. comparing ADHD, ASD to comorbid ADHD+ASD). Larger sample sizes would have given the statistical power to perform a full scale comparative analysis of all experimental groups when split by their comorbid conditions. Second, males were over-represented in the ASD group and females were over-represented in the anxiety group, due to the uneven gender balance in the prevalence of these conditions. Lastly, the main profiling techniques used were questionnaires. Clinical interviews would have been preferable, as they give a more objective account of behavioural difficulties.
Practical implications
The rate of psychiatric comorbidity in autism is extremely high, which raises questions about the nature of the co-occurring symptoms. It is unclear whether these additional conditions are true comorbid conditions, or can simply be accounted for through the ASD diagnosis.
Social implications
This information will be important, not only to healthcare practitioners when administering a diagnosis, but also to therapists who need to apply evidence-based treatment to comorbid and stand-alone conditions.
Originality/value
This study is the first to investigate the nature of co-existing conditions in ASD in a New Zealand population.
Details
Keywords
R.J. Hartley and I. Trohopoulos
The authors undertook a tour of Greek libraries in the Spring of 1990 in order to present a report to their sponsors (the British Council and the Greek Ministry of Education) on…
Abstract
The authors undertook a tour of Greek libraries in the Spring of 1990 in order to present a report to their sponsors (the British Council and the Greek Ministry of Education) on the possibilities for, and the problems associated with the application of information technology in Greek public libraries. The paper provides an overview of the general framework (administrative, legal and financial) within which the different library sectors operate in Greece. It also includes an introduction to the state of professional education and development. The problems which hamper the increased use of information technology are outlined and prospects for future developments are discussed.
Lilian Mwanri and Jeffrey Fuller
Describes the development of a management plan for prevention of falls and reduction of falls injuries for older and frail people in the community, nursing homes and acute care…
Abstract
Describes the development of a management plan for prevention of falls and reduction of falls injuries for older and frail people in the community, nursing homes and acute care settings in Whyalla, South Australia. Falls among the elderly have been described as the most common causes of injury and hospital admissions for trauma in Australia. Prevention and control of injury is one of the five National Health Policy Priority Areas in Australia. As a response to the national initiative, and a felt need, the South Australian Centre for Rural and Remote Health was commissioned by the local health service to develop a plan that would address falls prevention in the older people in Whyalla. The plan was developed in consultation with the key stakeholders. An evidence‐based plan that uses messages from the scientific literature but modified to account for stakeholders’ feedback on what is feasible in practice, is considered a good example of best practice. Furthermore, the alignment of literature review alongside stakeholders’ consultation provides higher chances of the plan being adopted locally.
Details
Keywords
The purpose of this paper is to examine how corporate executives of companies are using blogging as a new communications channel.
Abstract
Purpose
The purpose of this paper is to examine how corporate executives of companies are using blogging as a new communications channel.
Design/methodology/approach
The paper presents an overview of the blogging phenomenon, placing it in context of the larger growth of Web 2.0 and user‐generated content. The paper provides the reader with a primer on blogs and how they can be used effectively by executives, as well as looking at the importance of monitoring the blogosphere for what is being said by and about a company.
Findings
Over 50 corporate CEOs were found who are presently engaged in blogging. The research also identifies companies where employees have been fired for blogging and presents best practices in blogging and blog policies.
Research limitations/implications
The principal limitation of the research is that as blogging is a rapidly growing and evolving area, the present results on executive blogging are accurate only for the moment. The implications of this research are that it provides the foundation for surveying not only the status of blogging by managers but also an agenda for blogging research, which might examine blogging behaviours, develop blog metrics and look toward the return on investment of blogging.
Practical implications
The paper reveals the benefits of managerial blogging for both the company and the individual. It also examines issues concerned with human resources, financial disclosure and policy development that have arisen because of the rise of blogging within companies.
Originality/value
The paper represents a timely review of a rapidly evolving social network and its associated communications technology, providing both management practitioners and academicians with insights into managing in a new age.
Details
Keywords
Liz Doherty and Simonetta Manfredi
This paper aims to show the extent to which an action research approach, which incorporates learning from previous studies and interventions, can be used to progress work‐life…
Abstract
Purpose
This paper aims to show the extent to which an action research approach, which incorporates learning from previous studies and interventions, can be used to progress work‐life balance (WLB) policies and practices in a university context.
Design/methodology/approach
The paper builds on the now considerable knowledge relating to the theory and practice of WLB. It adopts an action research/change management approach as part of a project partly funded by the Department for Trade and Industry partnership scheme. Specific methods utilised include a fundamental review of organisational policy using an evaluative matrix and an analysis of the outcomes of four workshops with 51 line managers.
Findings
The findings show considerable differences between the experiences of administrative, professional, technical and clerical (APT&C) staff and academics. In particular, APT&C staff seek a greater sense of “entitlement” and more trust and autonomy, whereas academic staff seek a more manageable work load. By moving through the stages of the action research cycle, many of the limitations associated with past WLB initiatives can be overcome for APT&C staff. By comparison, universities' disinclination to tackle academic work intensification is best explained by the lack of labour market pressure to do so and the fact that sustainable WLB does not constitute part of the “tablestakes” of academic employment.
Originality/value
The paper presents theoretical models, together with practical approaches for embedding WLB into organisational cultures. It also offers theoretical explanations for employers' predisposition to adopt WLB change programmes.