L. Labuschagne and J.H.P. Eloff
Using new concepts, such as those on which Java is based, it is now possible to define a new framework within which risk analyses can be performed on electronic communications. In…
Abstract
Using new concepts, such as those on which Java is based, it is now possible to define a new framework within which risk analyses can be performed on electronic communications. In order truly to be effective, risk analyses must be done in real time, owing to the dynamic nature of open, distributed public networks. The strength of these public networks lies in the many routes available for a message to travel from point A to point B, thus ensuring that the message will be delivered. These many routes, however, also constitute the biggest security weakness in public networks, as it is impossible proactively to determine the route a message will follow. In a bid to compensate for the said weakness, this article will be devoted to a discussion on a framework in terms of which Real‐time Risk Analysis (RtRA) can, henceforth, be performed to determine a risk value for a communications session, rather than for the network components used on routes that need to be fixed and known in advance, as for conventional risk analysis. A communication session is defined as the transfer of data between two hosts; for example, exchanging e‐mail messages over open, distributed public networks RtRA produces a risk value that can be used to determine the appropriate countermeasures with which to minimise the risk associated with a communication session.
Details
Keywords
Palaniappan Shamala, Rabiah Ahmad, Ali Hussein Zolait and Shahrin bin Sahib
Information security has become an essential entity for organizations across the globe to eliminate the possible risks in their organizations by conducting information security…
Abstract
Purpose
Information security has become an essential entity for organizations across the globe to eliminate the possible risks in their organizations by conducting information security risk assessment (ISRA). However, the existence of numerous different types of risk assessment methods, standards, guidelines and specifications readily available causes the organizations to face the daunting tasks in determining the most suitable method that would augur well in meeting their needs. Therefore, to overcome this tedious process, this paper suggests collective information structure model for ISRA.
Design/methodology/approach
The proposed ISRA model was developed by deploying a questionnaire using close-ended questions administrated to a group of information security practitioners in Malaysia (N = 80). The purpose of the survey was to strengthen and add more relevant additional features to the existing framework, as it was developed based on secondary data.
Findings
Previous comparative and analyzed studies reveals that all the six types of ISRA methodologies have features of the same kind of information with a slight difference in form. Therefore, questionnaires were designed to insert additional features to the research framework. All the additional features chosen were based on high frequency of more than half percentage agreed responses from respondents. The analyses results inspire in generating a collective information structure model which more practical in the real environment of the workplace.
Practical implications
Generally, organizations need to make comparisons between methodologies and decide on the best due to the inexistence of agreed reference benchmark in ISRA methodologies. This tedious process leads to unwarranted time, money and energy consumption.
Originality/value
The collective information structure model for ISRA aims to assist organizations in getting a general view of ISRA flow and gathering information on the requirements to be met before risk assessment can be conducted successfully. This model can be conveniently used by organizations to complete all the required planning as well as to select the suitable methods to complete the ISRA.
Details
Keywords
Mariko Yang-Yoshihara, Simon Kerridge and Susi Poli
This final chapter, presented by the book’s three Editors, provides a reflection and discussion of the key findings presented throughout the book. First, it delves into the book’s…
Abstract
This final chapter, presented by the book’s three Editors, provides a reflection and discussion of the key findings presented throughout the book. First, it delves into the book’s vision and the process of creation. The findings in the book affirm the continuous growth of the field, highlight the diverse nature of the RMA landscape, and reveal the substantial variation in the status of the profession and the availability of data among regions and countries. To understand the unique features of the RMA profession from multitude of angles and in each country’s context, the Editors emphasize the importance of inviting authors to share their perspectives in their own voices and styles, which became central to the book’s mission. Second, this chapter presents discussions on pivotal findings in four areas: (1) growth of the RMA profession in specific countries and regions, (2) crucial contribution of professional associations to advancing RMA, (3) essential soft skills for RMAs and promotion of diversity, equity, and inclusion, and (4) advancing RMA through increasing training and capacity-building initiatives. This chapter also alludes to potential policy implications and concludes with the Editors’ hope that the book serves as a catalyst for further exploration of the RMA field and RMA professions.
Details
Keywords
L. Labuschagne and J.H.P. Eloff
The major reason why most people are still sceptical about electronic commerce is the perceived security risks associated with electronic transactions over the Internet. The…
Abstract
The major reason why most people are still sceptical about electronic commerce is the perceived security risks associated with electronic transactions over the Internet. The Internet, however, holds many opportunities that could mean survival or competitive advantage for many organisations. To exploit these opportunities, it is important to first analyse the risks they hold. Electronic commerce is based on business as well as technological risks, making it a very difficult environment to secure. Apart from these two types of risk categories there are several other issues and problems that need to be addressed.
Details
Keywords
Dimitrios Maditinos, Dimitrios Chatzoudes and Charalampos Tsairidis
Enterprise resource planning (ERP) systems enhance productivity and working quality by offering integration, standardization and simplification of multiple business transactions…
Abstract
Purpose
Enterprise resource planning (ERP) systems enhance productivity and working quality by offering integration, standardization and simplification of multiple business transactions. The present study seeks to introduce a conceptual framework that investigates the way that human inputs (top management, users, external consultants) are linked to communication effectiveness, conflict resolution and knowledge transfer in the ERP consulting process, as well as the effects of these factors on ERP system effective implementation.
Design/methodology/approach
The examination of the proposed conceptual framework was made with the use of a newly developed questionnaire. The questionnaire was distributed to a group of 361 Greek companies that have implemented an ERP system. Information technology (IT) managers were selected as the key respondents of the questionnaire. After the completion of the four month research period (September to December 2008), 108 usable questionnaires were returned (response rate=31 percent approximately). The empirical data were analyzed using the structural equation modelling technique (Lisrel 8.74).
Findings
The main findings of the empirical study can be summarized in the following categories: the assistance provided by external consultants during the ERP implementation process is essential; knowledge transfer is an extremely significant factor for ERP system success; knowledge transfer concerning technical aspects of ERP systems is more important than effective handling of communication, as well as conflict resolution among organizational members; the role of top management support seems to be of less importance that the one provided by users.
Research limitations/implications
The present study is limited by the poor definition of its population (due to lack of available data) and the relatively small size of the sample.
Practical implications
The paper points out areas that adopting companies should emphasize in order to successfully implement an ERP system and, therefore, harvest its potential benefits.
Originality/value
The paper proposes an enhanced conceptual framework that examines vital issues concerning ERP system effective implementation, thus, providing valuable outcomes for decision makers and academics. The originality of the paper lies in its three dimensional approach.
Details
Keywords
Though prior studies have attempted to explore the various effects of managing information technology (IT) investment on firm performance, the mechanism through which management…
Abstract
Purpose
Though prior studies have attempted to explore the various effects of managing information technology (IT) investment on firm performance, the mechanism through which management of IT impact on firm performance rests less clear. The purpose of this study is to examine the impact of managing IT and business-IT alignment on firm performance.
Design/methodology/approach
Drawing on the resource-based theory and process theory, this study examines how managing IT impacts business-IT alignment and firm performance. The primary survey of 182 responses from IT and business managers from Sri Lanka was empirically examined.
Findings
The findings reveal that managing IT has a positive and strong impact on business-IT alignment and firm performance. Further, business-IT alignment partially mediates between managing IT investment and firm performance relationships.
Research limitations/implications
Today, businesses have invested a massive amount of money in IT investment, and the return on this investment is always a serious concern for managers and industry practitioners. This study finding proposes meaningful insights on managing IT, business-IT alignment and firm performance.
Originality/value
This study opens up the black box on the above nomological linkage and contributes to the literature by extending the theoretical lenses while suggesting insightful and practical implications.
Details
Keywords
Pantelis Longinidis and Katerina Gotzamani
Enterprise resource planning (ERP) systems are sophisticated information technologies (ITs) that enable companies to gain noticeable advantages over their rivals. However, these…
Abstract
Purpose
Enterprise resource planning (ERP) systems are sophisticated information technologies (ITs) that enable companies to gain noticeable advantages over their rivals. However, these systems are neither a panacea to competition, nor a medium guaranteeing success. Neglecting a number of important factors in ERP systems implementation might very easily lead to failure instead of success. User satisfaction issues are among those factors that have a semantic impact on ERP systems' success. In this direction, this paper aims to examine the key factors that constitute ERP users' satisfaction and to explore whether ERP users' satisfaction varies among different users' profiles.
Design/methodology/approach
An instrument is constructed based mainly on previous ERP users' satisfaction studies. The instrument is then provided to a sample of 68 users within a Greek energy supply organization and also a personal interview is conducted with the chief information officer. Exploratory factor analysis, multiple regression analysis, and statistical inference tests are employed in order to test the research hypotheses.
Findings
The results indicate that three main components affect the level of satisfaction of an ERP user: “interaction with the IT department,” “pre‐implementation processes,” and “ERP product and adaptability.” Furthermore, a different satisfaction level has been traced among users from different departments.
Originality/value
This paper presents substantive evidence regarding ERP user satisfaction constituents and further suggests appropriate practices to better manage various behavioral aspects of ERP systems.
Details
Keywords
Mei Ling Keong, Thurasamy Ramayah, Sherah Kurnia and Lo May Chiun
This paper proposes an extended model based on the unified theory of acceptance and use of technology (UTAUT) developed by Venkatesh et al. To help better explain the intention to…
Abstract
Purpose
This paper proposes an extended model based on the unified theory of acceptance and use of technology (UTAUT) developed by Venkatesh et al. To help better explain the intention to use an enterprise resource planning (ERP) system.
Design/methodology/approach
Findings from the literature review reveal that various technology acceptance models have been introduced in the past two decades. However, there are new research models that lack empirical study. With the research model proposed above, further study could be carried out to gauge whether this model can better explain end‐users' intentions to use an ERP system.
Findings
The review shows that although there has been research conducted using the UTAUT model, it has not decomposed the facilitating conditions as the authors suggest in this paper, which will be useful for intervention purposes.
Research imitations/implications
Since this paper suggests a conceptual model based on a literature review, it is suggested that further study could be carried out to test whether this model can better explain end‐users' intentions to use ERP systems.
Practical implications
The review shows that shared beliefs, project communication and training can be used to offer intervention measures to help in the adoption and usage of ERP.
Originality/value
What this paper proposes is to drop the voluntariness variable from the model as a moderating factor, justifying this exclusion based on the fact that an ERP system implementation is mandatory and there is little room for the employees to oppose once the system is implemented. The authors also suggest further decomposing the facilitating condition into three components, namely shared beliefs, project communication and training can help in the design of intervention measures.
Details
Keywords
Four term‐weighting schemes are used to detect information‐rich passages in texts and the results are compared. It is demonstrated that word categories and frequency‐derived…
Abstract
Four term‐weighting schemes are used to detect information‐rich passages in texts and the results are compared. It is demonstrated that word categories and frequency‐derived weights have a close correlation but that weighting according to the first mention theory or the cue‐method shows no correlation with frequency‐based weights.