Search results

1 – 2 of 2
Per page
102050
Citations:
Loading...
Access Restricted. View access options
Article
Publication date: 14 November 2016

Eli Rohn, Gilad Sabari and Guy Leshem

This study aims to investigate information technology security practices of very small enterprises.

643

Abstract

Purpose

This study aims to investigate information technology security practices of very small enterprises.

Design/methodology/approach

The authors perform a formal information security field study using a representative sample. Using the Control Objectives for IT (COBIT) framework, the authors evaluate 67 information security controls and perform 206 related tests. The authors state six hypotheses about the findings and accept or reject those using inferential statistics. The authors explain findings using the social comparison theory and the rare events bias theory.

Findings

Only one-third of all the controls examined were designed properly and operated as expected. About half of the controls were either ill-designed or did not operate as intended. The social comparison theory and the rare events bias theory explain managers’s reliance on small experience samples which in turn leads to erroneous comprehension of their business environment, which relates to information security.

Practical implications

This information is valuable to executive branch policy makers striving to reduce information security vulnerability on local and national levels and small business organizations providing information and advice to their members.

Originality/value

Information security surveys are usually over-optimistic and avoid self-incrimination, yielding results that are less accurate than field work. To obtain grounded facts, the authors used the field research approach to gather qualitative and quantitative data by physically visiting active organizations, interviewing managers and staff, observing processes and reviewing written materials such as policies, procedure and logs, in accordance to common practices of security audits.

Details

Information & Computer Security, vol. 24 no. 5
Type: Research Article
ISSN: 2056-4961

Keywords

Access Restricted. View access options
Article
Publication date: 3 November 2020

Mehrnoush Sarafan, Brian Squire and Emma Brandon–Jones

Past research has shown that culture has significant effects on people's evaluation of and responses to risk. Despite this important role, the supply chain risk literature has…

812

Abstract

Purpose

Past research has shown that culture has significant effects on people's evaluation of and responses to risk. Despite this important role, the supply chain risk literature has been silent on this matter. The purpose of this paper is to examine the impact of cultural value orientations on managerial perception of and responses to a supply disruption risk.

Design/methodology/approach

The authors conduct a scenario-based experiment to investigate the effect of cultural value orientations – i.e. individualism-collectivism and uncertainty avoidance – on individuals' perception of risk and supplier switching intention in the face of a supply disruption.

Findings

The findings highlight the negative effect of individualism-collectivism on disruption risk perception and switching intention in high uncertain circumstances. However, these relationships are non-significant in relatively less uncertain situations. Moreover, the findings show that the impact of uncertainty avoidance on risk perception and supplier switching is positive and significant in both low and high uncertain circumstances.

Originality/value

Extant research has traditionally assumed that when confronted with disruption risks, managers make decisions using an economic utility model, to best serve the long-term objectives of the firm. This paper draws from advances of behavioural research to show that cultural value orientations influence such decisions through a mediating mechanism of subjective risk perception.

Details

International Journal of Operations & Production Management, vol. 40 no. 11
Type: Research Article
ISSN: 0144-3577

Keywords

1 – 2 of 2
Per page
102050