scholarly journals The Implementation of Multiple Information Security Governance (ISG) Frameworks Strategy and Critical Success Factors in Indonesia’s Oil and Gas Industry: Case Study of PT X

2020 ◽  
Vol 16 (2) ◽  
pp. 43-56
Author(s):  
Bob Hardian Syahbuddin ◽  
Wachid Yoga Afrida ◽  
Fatimah Azzahro ◽  
Achmad Nizar Hidayanto ◽  
Kongkiti Phusavat
Keyword(s):  
Information Technology ◽  
Information Security ◽  
Oil And Gas ◽  
Oil And Gas Industry ◽  
Gas Industry ◽  
Economic Wealth ◽  
Security Governance ◽  
Inhibiting Factors ◽  
Information Security Governance

Oil and gas industry are among the largest contributor to the Indonesia’s foreign exchange. Many believe that information technology will be major driver for economic wealth in the oil and gas Industry. However, implementing information technology to support corporate business process brings vast information security risks. There is a need of comprehensive information security governance that can comply to information security standards and regulations. This research is conducted to evaluate the use of multiple ISG frameworks for implementing information security governance in a multinational oil and gas company. In detail, we evaluate the effectiveness of such framework, assess its implementation maturity level, and identify the success and inhibiting factors for implementing ISG frameworks. This study shows that framework XYZ, as a multiple ISG framework, is effective to cover the controls of ISO 17799, COSO, and IT Risk Framework at once. Meanwhile, the observed case study indicated lack of compliancy of Framework XYZ followed by the invention of gap between current ISG implementation efforts and company visions. Lastly, several success and inhibiting factors are identified in the ISG framework implementation at PT X.

Value Co-Creation Practices in the Decommissioning of Offshore Platforms: A Case Study Approach

2021 ◽  
pp. 239496432110320
Author(s):  
Francesca Loia ◽  
Vincenzo Basile ◽  
Nancy Capobianco ◽  
Roberto Vona
Keyword(s):  
Oil And Gas ◽  
Oil And Gas Industry ◽  
Future Research ◽  
Offshore Platforms ◽  
Gas Industry ◽  
Study Approach ◽  
Collaborative Interactions ◽  
Exploratory Approach ◽  
Italian Context

Over the years, value co-creation practices have become increasingly more important by supporting collaborative interactions and the achievement of sustainable and mutual competitive advantage between the ecosystem’ actors. In this direction, the oil and gas industry is proposing a sustainable re-use of offshore platforms based on value co-creation and resources exchange between the actors involved. According to this consideration, this work aims at re-reading the decommissioning of offshore platforms in the light of value co-creation practices, trying to capture the factors that governments and companies can leverage to pursue a sustainable development of local communities. To reach this goal, this work follows an exploratory approach by using, in particular, the case study. Specifically, one of the most notably projects in the Italian context have been chosen, the Paguro platform, in order to provide empirical insights into the nature of these value co-creation processes. Five value co-creation practices have been identified which highlight the importance of synergistic efforts of institutions, companies and technology-based platforms for improving the ability to co-create and capture value in the process of decommissioning. This exploratory work establishes a foundation for future research, and offers theoretical and managerial guidance in this increasingly important area.

scholarly journals Securing Cloud Computing Through IT Governance

2021 ◽  
Vol 7 (1) ◽  
Author(s):  
Salman M. Faizi, Shawon Rahman
Keyword(s):  
Information Technology ◽  
Cloud Computing ◽  
Information Security ◽  
It Governance ◽  
Security Governance ◽  
Business Alignment ◽  
Information Security Governance ◽  
Business Needs ◽  
Market Needs

Lack of alignment between information technology (IT) and the business is a problem facing many organizations. Most organizations, today, fundamentally depend on IT. When IT and the business are aligned in an organization, IT delivers what the business needs and the business is able to deliver what the market needs. IT has become a strategic function for most organizations, and it is imperative that IT and business are aligned. IT governance is one of the most powerful ways to achieve IT to business alignment. Furthermore, as the use of cloud computing for delivering IT functions becomes pervasive, organizations using cloud computing must effectively apply IT governance to it. While cloud computing presents tremendous opportunities, it comes with risks as well. Information security is one of the top risks in cloud computing. Thus, IT governance must be applied to cloud computing information security to help manage the risks associated with cloud computing information security. This study advances knowledge by extending IT governance to cloud computing and information security governance.

Governing Information Security

2013 ◽  
pp. 29-45
Author(s):  
Yu “Andy” Wu ◽  
Carol Stoak Saunders
Keyword(s):  
Information Technology ◽  
Information Security ◽  
Decision Rights ◽  
Security Governance ◽  
Level Information ◽  
Information Security Governance ◽  
Allocation Patterns ◽  
High Level ◽  
Decisional Authority ◽  
Selection Of

Governance of the information security function is critical to effective security. In this paper, the authors present a conceptual model for security governance from the perspective of decision rights allocation. Based on Da Veiga and Eloff’s (2007) framework for security governance and two high-level information security documents published by the National Institute of Standards and Technology (NIST), the authors present seven domains of information security governance. For each of the governance domains, they propose a main decision type, using the taxonomy of information technology decisions defined by Weill and Ross (2004). This framework recommends the selection of decision rights allocation patterns that are proper to those decision types to ensure good security decisions. As a result, a balance can be achieved between decisional authority and responsibility for information security.

scholarly journals Strategic Thinking: Intelligent Opportunism and Emergent Strategy — The Case of Strategic Engineering Services

2016 ◽  
Vol 17 (1) ◽  
pp. 65-70 ◽  
Author(s):  
Steven Pattinson
Keyword(s):  
Oil And Gas ◽  
Oil And Gas Industry ◽  
Strategic Thinking ◽  
Gas Industry ◽  
Covering System ◽  
Emergent Strategy ◽  
Engineering Company ◽  
Engineering Services ◽  
The Relationship

This case study focuses on strategic thinking and opportunistic approaches to business growth and diversification. It begins by examining the recent purchase of ‘Quickcover’, a remote-controlled sports pitch covering system, by engineering company Strategic Engineering Services and the company's current dilemma – whether to continue to develop this type of product, or sell it and concentrate on its existing engineering services business. In recent years, Strategic Engineering Services has moved away from traditional heavy engineering and diversified into related areas such as engineering services, oil and gas industry recruitment, plant and equipment hire, instrument calibration and project management. The case considers the relationship between strategic thinking and entrepreneurial approaches to opportunity recognition, exploring the concept of intelligent opportunism as an approach that enables entrepreneurs to develop emergent strategies and take advantage of new opportunities. It explores these concepts in the context of the current dilemma of Strategic Engineering Services.

Sign in / Sign up

Export Citation Format

Share Document