Search results

1 – 10 of 120
Per page
102050
Citations:
Loading...
Available. Open Access. Open Access
Article
Publication date: 12 November 2018

Stefan Fenz and Thomas Neubauer

The purpose of this paper is to provide a method to formalize information security control descriptions and a decision support system increasing the automation level and…

3925

Abstract

Purpose

The purpose of this paper is to provide a method to formalize information security control descriptions and a decision support system increasing the automation level and, therefore, the cost efficiency of the information security compliance checking process. The authors advanced the state-of-the-art by developing and applying the method to ISO 27002 information security controls and by developing a semantic decision support system.

Design/methodology/approach

The research has been conducted under design science principles. The formalized information security controls were used in a compliance/risk management decision support system which has been evaluated with experts and end-users in real-world environments.

Findings

There are different ways of obtaining compliance to information security standards. For example, by implementing countermeasures of different quality depending on the protection needs of the organization. The authors developed decision support mechanisms which use the formal control descriptions as input to support the decision-maker at identifying the most appropriate countermeasure strategy based on cost and risk reduction potential.

Originality/value

Formalizing and mapping the ISO 27002 controls to the security ontology enabled the authors to automatically determine the compliance status and organization-wide risk-level based on the formal control descriptions and the modelled environment, including organizational structures, IT infrastructure, available countermeasures, etc. Furthermore, it allowed them to automatically determine which countermeasures are missing to ensure compliance and to decrease the risk to an acceptable level.

Details

Information & Computer Security, vol. 26 no. 5
Type: Research Article
ISSN: 2056-4961

Keywords

Access Restricted. View access options
Article
Publication date: 17 April 2009

Thomas Neubauer

Recently, business process management (BPM) is among the most important managerial topics because it allows companies an agile adaptation to changing business requirements…

5052

Abstract

Purpose

Recently, business process management (BPM) is among the most important managerial topics because it allows companies an agile adaptation to changing business requirements. Consultants and researchers are regularly proposing new methods and concepts based on BPM for further increasing the efficiency of corporate processes. However, from an empirical point of view it is crucial to determine the current status in practice and derive goals for research and technology transfer. This paper aims to address these issues.

Design/methodology/approach

For this reason the survey “Status Quto Business Process Management” is carried out in Austria, Germany, and Switzerland on a yearly basis. This survey aims at identifying current trends and strategic plans of companies as well as its realization in practice and highlights the remaining steps towards the process (‐focused) organization (PFO). The paper summarizes the results of the survey carried out in 2006 among 185 decision makers and shows a comparison with the results of the previous years as well as comparable surveys.

Findings

This paper analyzes the current state of BPM in the market, analyzes the strategic, organizational and technical aspects of BPM in the participating companies. The survey shows that although the majority of the participating companies are involved with BPM initiatives, only a very small number of companies follows holistic approaches and has reached the status of a PFO.

Research limitations/implications

As the survey especially focused on IT‐driven companies a limitation of this survey could be seen in the fact that it does not exactly cover the branch distribution of the population, e.g. the financial sector is over‐represented due to the fact that the survey included branch specific questions for the financial sector (note that these questions are not part of this paper). However, the comparison with the surveys “BP Report” and “State of BPM” shows that these surveys come with similar distributions of the branches.

Practical implications

This paper provides a very useful source for companies in benchmarking their status regarding BPM. It provides them with information that allows to compare their status on the way towards a PFO with their competitors.

Originality/value

This paper provides a very useful source for companies in benchmarking their status regarding BPM. The survey does not only investigate what is being done by the participating companies but also interested in the reasons why it is done. Compared to existing surveys it: investigates connections between processes and business strategy, process risk handling, references models, as well as methods for evaluating the contributions of IT to the business processes; uses statistical methods for measuring the significance of the results and; has a specific focus on companies in the Germany‐speaking countries Austria, Germany and Switzerland.

Details

Business Process Management Journal, vol. 15 no. 2
Type: Research Article
ISSN: 1463-7154

Keywords

Access Restricted. View access options
Article
Publication date: 10 November 2014

Stefan Fenz, Johannes Heurix, Thomas Neubauer and Fabian Pechstein

The purpose of this paper is to give an overview of current risk management approaches and outline their commonalities and differences, evaluate current risk management approaches…

12650

Abstract

Purpose

The purpose of this paper is to give an overview of current risk management approaches and outline their commonalities and differences, evaluate current risk management approaches regarding their capability of supporting cost-efficient decisions without unnecessary security trade-offs, outline current fundamental problems in risk management based on industrial feedback and academic literature and provide potential solutions and research directions to address the identified problems. Despite decades of research, the information security risk management domain still faces numerous challenges which hinder risk managers to come up with sound risk management results.

Design/methodology/approach

To identify the challenges in information security risk management, existing approaches are compared against each other, and as a result, an abstracted methodology is derived to align the problem and solution identification to its generic phases. The challenges have been identified based on literature surveys and industry feedback.

Findings

As common problems at implementing information security risk management approaches, we identified the fields of asset and countermeasure inventory, asset value assignment, risk prediction, the overconfidence effect, knowledge sharing and risk vs. cost trade-offs. The reviewed risk management approaches do not explicitly provide mechanisms to support decision makers in making an appropriate risk versus cost trade-offs, but we identified academic approaches which fulfill this need.

Originality/value

The paper provides a reference point for professionals and researchers by summing up the current challenges in the field of information security risk management. Therefore, the findings enable researchers to focus their work on the identified real-world challenges and thereby contribute to advance the information security risk management domain in a structured way. Practitioners can use the research results to identify common weaknesses and potential solutions in information security risk management programs.

Details

Information Management & Computer Security, vol. 22 no. 5
Type: Research Article
ISSN: 0968-5227

Keywords

Access Restricted. View access options
Article
Publication date: 17 October 2008

Jelena Petrovic

This paper seeks to examine the current debate regarding the role of a board director.

6123

Abstract

Purpose

This paper seeks to examine the current debate regarding the role of a board director.

Design/methodology/approach

A comprehensive review of the corporate governance (CG) literature is undertaken, with a particular focus on director contribution to board effectiveness.

Findings

The literature review revealed a number of issues in the CG literature that highlight the need to clarify board director role and pay closer attention to the processes needed for directors to perform their role effectively. These issues have broadly been classified into: conceptual issues regarding board effectiveness and director contribution; a methodological issue of level of analysis (board as a group and a director as individual); failure of much of the literature to account for the external context in which the board directors operate; and prescriptive nature of the literature.

Originality/value

Issues pertinent to the CG literature identified in this paper hold theoretical and practical implications.

Details

Management Decision, vol. 46 no. 9
Type: Research Article
ISSN: 0025-1747

Keywords

Access Restricted. View access options
Book part
Publication date: 16 August 2016

Thomas Schmalzer and Doris Kiendl-Wendner

This chapter provides an example of how a young higher education institution, with only 20 years of existence and around 4,000 students, located in a small town in central Europe…

Abstract

This chapter provides an example of how a young higher education institution, with only 20 years of existence and around 4,000 students, located in a small town in central Europe, has established and has been maintaining high profile networks and international collaborations with universities and industry. This case focuses on one particular department within the university, the “Institute of International Management,” which has spearheaded this development over the past decade. The initiative originated on the departmental level and subsequently produced spillover effects for the entire university.

Despite budgetary constraints and a locational disadvantage compared to universities in large urban agglomerations of developed countries, a broadly based international mobility alongside intense collaboration in research has been achieved. This has been reached through an integrated strategic approach combining specific teaching activities (study abroad, project classes, joint degrees, quality assurance, massive open online courses, and more), R&D, networks as well as motivated and qualified staff.

This case illustrates how universities from developed countries in Europe, the United States, Australia, parts of Asia, and Latin America, irrespective of size, brand name, location, and financial endowments, are able to internationalize and build sustainable partnerships to the benefit of students, faculty, and a wider group of stakeholders.

Details

University Partnerships for Academic Programs and Professional Development
Type: Book
ISBN: 978-1-78635-299-6

Keywords

Access Restricted. View access options
Article
Publication date: 6 January 2012

Anthony Welch

The purpose of this paper is to examine key challenges to effective regionalism for Indonesian higher education (HE), including charting its international engagement in regional…

2616

Abstract

Purpose

The purpose of this paper is to examine key challenges to effective regionalism for Indonesian higher education (HE), including charting its international engagement in regional HE networks and associations, and links to China and the Islamic world.

Design/methodology/approach

Based on empirical and documentary analysis, the article examines key challenges to effective regionalism for Indonesian HE.

Findings

As a leading stakeholder within ASEAN, Indonesia could be expected to play a major role in such regional networks as ASEAN Universities Network (AUN) as well as APRU, SEAMEO RIHED, and the like. Yet, even relative to some of its regional neighbours, (Singapore, Malaysia, and the somewhat anomalous Australia and New Zealand), the Indonesian HE system is peripheral, with a relatively minor presence in the international knowledge system.

Research limitations/implications

The world's most populous Muslim‐majority nation, and a rising regional power, including within ASEAN, nonetheless Indonesia confronts key challenges in its HE system, both national and international. The rising demand for HE cannot be filled by public sector HEIs alone, while the proliferation of private sector HEIs, some unaccredited, poses significant issues for quality control and governance. Adding to this are external challenges, including the monitoring of international programmes and partnerships. Financing of HE is a further significant constraint, while corruption is also a major influence in Indonesian society, including in HE (thus further raising the governance stakes).

Originality/value

The two examples cited – of Islamic higher education, and of China‐Indonesia relations – each demonstrate the extent, and the limits, of regionalism in Indonesian HE.

Details

Asian Education and Development Studies, vol. 1 no. 1
Type: Research Article
ISSN: 2046-3162

Keywords

Access Restricted. View access options
Book part
Publication date: 4 October 2018

Sebastian P. L. Fourné, Daniel Guessow and Utz Schäffer

We develop and validate measurement instruments for the business partner, watchdog, and scorekeeper roles of controllers. This study addresses calls to enhance the quality of…

Abstract

We develop and validate measurement instruments for the business partner, watchdog, and scorekeeper roles of controllers. This study addresses calls to enhance the quality of survey research in management accounting by devoting more attention to scale development and especially to construct validity. By focusing on the activity sets of the controllers’ roles, we provide a theoretically and empirically grounded picture of their current roles. The measurement instruments presented in this study enable systematic research progress on controller roles, their relationships, antecedents, and performance outcomes.

Details

Performance Measurement and Management Control: The Relevance of Performance Measurement and Management Control Research
Type: Book
ISBN: 978-1-78756-469-5

Keywords

Access Restricted. View access options
Article
Publication date: 1 January 1992

Colin Coulson‐Thomas

Examines the disturbing facts as revealed by a programme of studiesof directors and boards. Directorial qualities and competences aredistinct from the skills that are sought in…

383

Abstract

Examines the disturbing facts as revealed by a programme of studies of directors and boards. Directorial qualities and competences are distinct from the skills that are sought in managers. Nine out of ten directors received no formal preparation for their boardroom appointments; there is little consensus concerning the contribution expected from members of boards; only one in eight boards operates any form of periodic and formal appraisal of personal effectiveness in the boardroom; and three‐quarters of chairmen believe the effectiveness of their companies′ boards could be improved. Examines the role of the board, what makes a “good” director, and what should be done to improve the competence of company directors and the effectiveness of boards. Argues that the distinction between direction and management needs to be better understood, and that the chairman should take responsibility for director competence and board effectiveness. All directors should be made aware of their duties and responsibilities, and the boardroom contributions of individual directors should be assessed annually by the chairman. The board should examine its own effectiveness at least once a year.

Details

Journal of Management Development, vol. 11 no. 1
Type: Research Article
ISSN: 0262-1711

Keywords

Access Restricted. View access options
Article
Publication date: 14 September 2023

Julia T. Thomas and Mahesh Kumar

The purpose of the paper is set to minimize the total cost of a manufacturing system when an acceptance sampling plan (ASP) is carried out in a fuzzy environment.

97

Abstract

Purpose

The purpose of the paper is set to minimize the total cost of a manufacturing system when an acceptance sampling plan (ASP) is carried out in a fuzzy environment.

Design/methodology/approach

A fuzzy acceptance sampling plan (FASP) is employed for the inspection of the batch of products and a fuzzy cost optimization problem is formulated.

Findings

The extent of uncertainty determines an interval for the total cost function with upper and lower bounds. The effect of variation in the ambiguity of the proportion of defectives in the probability of acceptance is determined.

Practical implications

The proposed model is specifically designed for production and supply units with ASP for attributes. Still, the proportion of defectives in the inspection process is fuzzy.

Originality/value

Fuzzy probability distribution is used to model an optimal inspection plan for a general supply chain. Economic design of supply chain under fuzzy proportion of defectives is discussed for the first time.

Details

International Journal of Quality & Reliability Management, vol. 41 no. 3
Type: Research Article
ISSN: 0265-671X

Keywords

Available. Content available
Book part
Publication date: 8 June 2020

Rupert Ward

Free Access. Free Access

Abstract

Details

Personalised Learning for the Learning Person
Type: Book
ISBN: 978-1-78973-147-7

1 – 10 of 120
Per page
102050