A Case Study of Effectively Implemented Inormation Systems Security Policy

2011 ◽  
pp. 25-41 ◽  
Author(s):  
Charla Griffy-Brown ◽  
Mark W.S. Chun
Keyword(s):  
Information Security ◽  
Security Policy ◽  
Case Analysis ◽  
Web Based ◽  
Systems Security ◽  
Policies And Procedures ◽  
Technical Architecture ◽  
The Relationship

This chapter demonstrates the importance of a well-formulated and articulated information security policy by integrating best practices with a case analysis of a major Japanese multinational automotive manufacturer and the security lessons it learned in the implementation of its Web-based portal. The relationship between information security and business needs and the conflict that often results between the two are highlighted. The case also explores the complexities of balancing business expedience with long-term strategic technical architecture. The chapter provides insight and offers practical tools for effectively developing and implementing information security policies and procedures in contemporary business practice.

A Case Study of Effectively Implemented Information Systems Security Policy

2008 ◽  
pp. 1727-1740
Author(s):  
Charla Griffy-Brown ◽  
Mark W.S. Chun
Keyword(s):  
Information Security ◽  
Security Policy ◽  
Case Analysis ◽  
Web Based ◽  
Systems Security ◽  
Policies And Procedures ◽  
Technical Architecture ◽  
The Relationship

This chapter demonstrates the importance of a well-formulated and articulated information security policy by integrating best practices with a case analysis of a major Japanese multinational automotive manufacturer and the security lessons it learned in the implementation of its Web-based portal. The relationship between information security and business needs and the conflict that often results between the two are highlighted. The case also explores the complexities of balancing business expedience with long-term strategic technical architecture. The chapter provides insight and offers practical tools for effectively developing and implementing information security policies and procedures in contemporary business practice.

scholarly journals Blending in: A Case Study of Transitional Ambidexterity in the Financial Sector

2021 ◽  
Vol 13 (4) ◽  
pp. 1690
Author(s):  
Beniamino Callegari ◽  
Ranvir S. Rai
Keyword(s):  
Financial Sector ◽  
Economic Sustainability ◽  
Organizational Ambidexterity ◽  
Management Literature ◽  
Innovative Capabilities ◽  
Financial Firm ◽  
The Relationship

Organizational ambidexterity is widely recognized as necessary for the economic sustainability of firms operating in the financial sector. While the management literature has recognized several forms of ambidexterity, the relationship between them and their relative merits remain unclear. By studying a process of implementation of ambidextrous capabilities within a large Scandinavian financial firm, we explore the role of top-down reforms and bottom-up reactions in determining the development of sector-specific innovative capabilities. We find that blended ambidexterity follows naturally from the attempt to correct the tensions arising from harmonic ambidextrous blueprints. The resulting blended practice appears to be closely related to the reciprocal model of ambidexterity, which appears to be a necessity rather than a choice, for large firms attempting to develop innovative capabilities. Consequently, we suggest to re-interpret current taxonomies of ambidexterity not as alternative blueprints, but rather as stages in a long-term process of transition.

scholarly journals Simulated Fishing to Untangle Catchability and Availability in Fish Abundance Monitoring

2021 ◽  
Vol 19 (3) ◽  
Author(s):  
Vanessa Tobias ◽  
Keyword(s):  
San Francisco ◽  
Water Clarity ◽  
Ecological Monitoring ◽  
Monitoring Data ◽  
Delta Smelt ◽  
Individual Based Simulation ◽  
The Relationship ◽  
True Population

In fisheries monitoring, catch is assumed to be a product of fishing intensity, catchability, and availability, where availability is defined as the number or biomass of fish present and catchability refers to the relationship between catch rate and the true population. Ecological monitoring programs use catch per unit of effort (CPUE) to standardize catch and monitor changes in fish populations; however, CPUE is proportional to the portion of the population that is vulnerable to the type of gear used in sampling, which is not necessarily the entire population. Programs often deal with this problem by assuming that catchability is constant, but if catchability is not constant, it is not possible to separate the effects of catchability and population size using monitoring data alone. This study uses individual-based simulation to separate the effects of changing environmental conditions on catchability and availability in environmental monitoring data. The simulation combines a module for sampling conditions with a module for individual fish behavior to estimate the proportion of available fish that would escape from the sample. The method is applied to the case study of the well monitored fish species Delta Smelt (Hypomesus transpacificus) in the San Francisco Estuary, where it has been hypothesized that changing water clarity may affect catchability for long-term monitoring studies. Results of this study indicate that given constraints on Delta Smelt swimming ability, it is unlikely that the apparent declines in Delta Smelt abundance are the result of changing water clarity affecting catchability.

scholarly journals Simulated Fishing to Untangle Catchability and Availability in Fish Abundance Monitoring

2021 ◽  
Author(s):  
Vanessa Tobias
Keyword(s):  
San Francisco ◽  
Water Clarity ◽  
Ecological Monitoring ◽  
Monitoring Data ◽  
Delta Smelt ◽  
Individual Based Simulation ◽  
The Relationship ◽  
True Population

In fisheries monitoring, catch is assumed to be a product of fishing intensity, catchability, and availability, where availability is defined as the number or biomass of fish present and catchability refers to the relationship between catch rate and the true population. Ecological monitoring programs use catch per unit of effort (CPUE) to standardize catch and monitor changes in fish populations; however, CPUE is proportional to the portion of the population that is vulnerable to the type of gear that is used in sampling, which is not necessarily the entire population. Programs often deal with this problem by assuming that catchability is constant, but if catchability is not constant, it is not possible to separate the effects of catchability and population size using monitoring data alone. This study uses individual-based simulation to separate the effects of changing environmental conditions on catchability and availability in environmental monitoring data. The simulation combines a module for sampling conditions with a module for individual fish behavior to estimate the proportion of available fish that would escape from the sample. The method is applied to the case study of the well-monitored fish species Delta Smelt (Hypomesus transpacificus) in the San Francisco Estuary, where it has been hypothesized that changing water clarity may affect catchability for long-term monitoring studies. Results of this study indicate that given constraints on Delta Smelt swimming ability, it is unlikely that the apparent declines in Delta Smelt abundance are due to an effect of changing water clarity on catchability.

scholarly journals Duše předmětu a tělo modlitby aneb zkoumání sociologických nejistot na případu Sóka Gakkai International

2020 ◽  
Vol 17 (2) ◽  
pp. 53-69
Author(s):  
Petra Tlčimuková
Keyword(s):  
Social Sciences ◽  
Network Theory ◽  
Actor Network Theory ◽  
Sociology Of Religion ◽  
Black Boxes ◽  
The Social ◽  
Soka Gakkai ◽  
The Relationship

This case study presents the results of long-term original ethnographic research on the international Buddhist organization Soka Gakkai International (SGI). It focuses on the relationship between the material and immaterial and deals with the question of how to study them in the sociology of religion. The analysis builds upon the critique of the modernist paradigm and related research of religion in the social sciences as presented by Harman, Law and Latour. The methodology draws on the approach of Actor-Network Theory as presented by Bruno Latour, and pursues object-oriented ethnography, for the sake of which the concept of iconoclash is borrowed. This approach is applied to the research which focused on the key counterparts in the Buddhist praxis of SGI ‒ the phrase daimoku and the scroll called Gohonzon. The analysis deals mainly with the sources of sociological uncertainties related to the agency of the scroll. It looks at the processes concerning the establishing and dissolving of connections among involved elements, it opens up the black-boxes and proposes answers to the question of new conceptions of the physical as seen through Gohonzon.

Information security policy compliance: a higher education case study

2018 ◽  
Vol 26 (1) ◽  
pp. 91-108 ◽  
Author(s):  
Khaled A. Alshare ◽  
Peggy L. Lane ◽  
Michael R. Lane
Keyword(s):  
Higher Education ◽  
Information Security ◽  
Security Policy ◽  
Past Research ◽  
Faculty Members ◽  
Research Model ◽  
Security Measures ◽  
Timely Manner ◽  
Content Type

Purpose The purpose of this case study is to examine the factors that impact higher education employees’ violations of information security policy by developing a research model based on grounded theories such as deterrence theory, neutralization theory and justice theory. Design/methodology/approach The research model was tested using 195 usable responses. After conducting model validation, the hypotheses were tested using multiple linear regression. Findings The results of the study revealed that procedural justice, distributive justice, severity and celerity of sanction, privacy, responsibility and organizational security culture were significant predictors of violations of information security measures. Only interactional justice was not significant. Research limitations/implications As with any exploratory case study, this research has limitations such as the self-reported information and the method of measuring the violation of information security measures. The method of measuring information security violations has been a challenge for researchers. Of course, the best method is to capture the actual behavior. Another limitation to this case study which might have affected the results is the significant number of faculty members in the respondent pool. The shared governance culture of faculty members on a US university campus might bias the results more than in a company environment. Caution should be applied when generalizing the results of this case study. Practical implications The findings validate past research and should encourage managers to ensure employees are involved with developing and implementing information security measures. Additionally, the information security measures should be applied consistently and in a timely manner. Past research has focused more on the certainty and severity of sanctions and not as much on the celerity or swiftness of applying sanctions. The results of this research indicate there is a need to be timely (swift) in applying sanctions. The importance of information security should be grounded in company culture. Employees should have a strong sense of treating company data as they would want their own data to be treated. Social implications Engaging employees in developing and implementing information security measures will reduce employees’ violations. Additionally, giving employees the assurance that all are given the same treatment when it comes to applying sanctions will reduce the violations. Originality/value Setting and enforcing in a timely manner a solid sanction system will help in preventing information security violations. Moreover, creating a culture that fosters information security will help in positively affecting the employees’ perceptions toward privacy and responsibility, which in turn, impacts information security violations. This case study applies some existing theories in the context of the US higher education environment. The results of this case study contributed to the extension of existing theories by including new factors, on one hand, and confirming previous findings, on the other hand.

Teaching Statistics and Operations Research Online

2010 ◽  
pp. 298-311 ◽  
Author(s):  
A. Juan ◽  
J. Faulin ◽  
P. Fonseca ◽  
C. Steegmann ◽  
L. Pla ◽  
...  
Keyword(s):  
Operations Research ◽  
Online Teaching ◽  
Teaching And Learning ◽  
Online Courses ◽  
Web Based ◽  
Face To Face ◽  
Face To Face Instruction ◽  
Based Instruction

This chapter presents a case study of online teaching in Statistics and Operations Research (OR) at the Open University of Catalonia (UOC). UOC is a purely online university with headquarters in Barcelona, Spain, with students from many countries. As common to most math-related knowledge areas, teaching and learning Statistics and OR present difficult challenges in traditional higher education. These issues are exacerbated in online environments where face-to-face interactions between students and instructors as well as among students themselves are limited or non-existent. Despite these difficulties, as evidenced in the global growth of online course offerings, Web-based instruction offers comparative benefits to traditional face-to-face instruction. While there exists a plethora of literature covering experiences and best practices in traditional face-to-face instruction in mathematics, there is a lack of research describing long-term successful experiences in Statistics and OR online courses. Based on the authors’ experiences during the last decade, this chapter aims to share some insights on how to design and develop successful online courses in these knowledge areas.

Critical and Inhibiting Success Factors in Interorganizational Networks

2020 ◽  
pp. 63-86
Author(s):  
Viviana Durão ◽  
António Carrizo Moreira
Keyword(s):  
Success Factors ◽  
Single Case ◽  
Interorganizational Networks ◽  
Single Case Study ◽  
Strategic Partnerships ◽  
Structured Interviews ◽  
Organizational Network ◽  
The Relationship

This chapter, based on a single case study, has as its main objective to analyze a real example of creating an inter-organizational network and to perceive what was done for the selection and creation of the strategic partnerships and inter-organizational network and what factors or conditions can inhibit these partnerships from having long-term success and throughout its life cycle. For this, a qualitative study based on action research and semi-structured interviews was conducted. Results show although many companies settle in inter-organizational networks to gain competitive advantage, cases of failure are still quite high. In this case, upstream partnerships have not been based on long-term trust and commitment, which has jeopardized the continuity of the network, although there is an express desire to re-establish contacts. The partnership established downstream did not show the same commitment to continue the partnership with a total termination of the relationship.

Information Security Policies and Procedures Guidance for Agencies

2020 ◽  
pp. 47-62
Author(s):  
Dasari Kalyani
Keyword(s):  
Information Security ◽  
Security Policy ◽  
Large Scale ◽  
Management Strategies ◽  
Security Policies ◽  
Risk Levels ◽  
Security Models ◽  
Policies And Procedures ◽  
Good Policy ◽  
The Right

In today's digital e-commerce and m-commerce world, the information itself acts as an asset and exists in the form of hardware, software, procedure, or a person. So the security of these information systems and management is a big challenging issue for small and large-scale agencies. So this chapter discusses the major role and responsibility of the organization's management in identifying the need for information security policy in today's world of changing security principles and controls. It focuses on various policy types suitable for all kinds of security models and procedures with the background details such as security policy making, functionality, and its impact on an agency culture. Information security policies are helpful to identify and assess risk levels with the available set of technological security tools. The chapter describes the management strategies to write a good policy and selection of the right policy public announcement. The agencies must also ensure that the designed policies are properly implemented and ensure compliance through frequent intermediate revisions.

Knowledge Transfer in Offshore Outsourcing

2011 ◽  
Vol 19 (2) ◽  
pp. 27-44 ◽  
Author(s):  
Nguyen Thu Huong ◽  
Umemoto Katsuhiro ◽  
Dam Hieu Chi
Keyword(s):  
Knowledge Transfer ◽  
Transfer Process ◽  
Service Providers ◽  
Offshore Outsourcing ◽  
System Engineer ◽  
The Relationship ◽  
Initial Results ◽  
Willingness To Cooperate

This paper discusses the knowledge transfer process in offshore outsourcing. The focus is a case study of software offshore outsourcing from Japan to Vietnam. Initial results confirm that willingness to cooperate and good impressions facilitate the knowledge transfer process. In addition, communication barriers, cultural differences, lack of equivalence in individual competence, and lack of common rules slow down the transfer process. The study also identifies the Bridge System Engineer (Bridge SE)-a type of coordinator who mediates and enhances the relationship between Japanese clients and Vietnamese service providers. Employing a Bridge SE is an effective way to fill the communication gap, the cultural gap, and generally improve the business relationship. Bridge SEs use their background of higher education and long-term residence in Japan to give advice to Vietnamese software teams on Japanese cultural characteristics, such as the apology culture and the separation between work and private time. In other situations, Bridge SEs use their IT background and communication skills to verify and adjust communication contents before information is sent from one side to another.

Sign in / Sign up

Export Citation Format

Share Document