Search results
1 – 10 of over 16000There should be one standard for those with access to classified data. Leadership by example should be required by all managers, supervisors and department heads. The paper aims…
Abstract
Purpose
There should be one standard for those with access to classified data. Leadership by example should be required by all managers, supervisors and department heads. The paper aims to discuss this issue.
Design/methodology/approach
This paper is a viewpoint and does not have a methodology.
Findings
Leaders who work in the public sector have an inherent responsibility to earn and maintain the trust of the public for whom they serve. Regardless of whether one is a career government employee, a politician or a political appointee, all who have access to classified material should respect the necessity of safeguards to keep one’s nation’s secrets – secret.
Research limitations/implications
If leaders fail to set the example, then nations risk further breaches of their classified information.
Practical implications
This viewpoint applies to anyone who works in an environment dealing with classified material.
Social implications
This viewpoint serves to educate the public on maintaining a single standard for those who handle classified material.
Originality/value
The author has yet to see much covered in peer-reviewed publications on this topic and believe that the subject is particularly relevant at this time.
Details
Keywords
This paper aims to report on a study that aimed at analyzing the relationships between information security and records management (RM), both as programs/functions established in…
Abstract
Purpose
This paper aims to report on a study that aimed at analyzing the relationships between information security and records management (RM), both as programs/functions established in organizations. Similar studies were not found in relevant literature.
Design/methodology/approach
The study used the classic grounded theory methodology. Pursuing the general curiosity about the information security-RM relationship in organizations, the study selected the United States (US) Federal Government as its field of entrance and followed the process of the classic grounded theory methodology that starts from the letting of the emergence of the research question to the formulation of a substantive theory that answered the question.
Findings
On the emergent question that why, despite the legislative establishment of agency RM programs and the use of the term records in their work, the US Federal Government information security community considered RM a candidate for deletion (CFD), the study coded the truncated application of the encompassing definition of records as the underlying reason. By this code, along with its three properties, i.e. limitations by the seemingly more encompassing coverage of information, insufficient legislative/regulatory support and the use of the terms of evidence and preservation in the records definition, the CFD consideration and the associated phenomena of unsound legislative/regulatory conceptualization, information shadow, information ignorance and archival shadow were explained.
Research limitations/implications
The study results suggested the data for subsequent theoretical sampling to be the operational situations of individual agency RM programs.
Practical implications
The rationale presented in the study regarding the encompassing nature of records and the comprehensive scope of RM program can be used for building strong RM business cases.
Originality/value
The study appears to be the first of its kind, which examined the RM–information security relationship in a very detailed setting.
Details
Keywords
The purpose of this study is to review the levels of open government data (OGD) among various countries that are not consistent with the development levels of those countries…
Abstract
Purpose
The purpose of this study is to review the levels of open government data (OGD) among various countries that are not consistent with the development levels of those countries. This study evaluates the associativity between OGD Index (OGD) and the characteristics of those countries as well as to compare the degree of OGD among countries. Accordingly, an advanced discussion to explore how a country’s characteristics affect how that country’s government opens data was presented.
Design/methodology/approach
The stakeholder relationships of OGD is analysed with the characteristics of a country. The usage data are compared with the data availability according to nine indicators. These data collected from the statistics and OGDI websites are grouped for comparative statistical analyses based on basic descriptive statistics, one-way analysis of variance and a regression model with variance inflation faction.
Findings
The results 1) revealed the reasons some countries have high-ranking indexes and 2) verified the high index values of countries in terms of their degrees of development. This study, thus, attempted to derive a balanced appraisal of national development and OGD.
Research limitations/implications
The study sample is limited only to countries 1) which open the statistical data; and 2) are of uneven population density and development degree. The OGDI is limited to expert evaluation. The score might be vary to experts and users with diverse countries at different evaluation period. The limitations can be attributed to the differences between OGDI and real open levels. These differences might influence the reliability and validity.
Practical implications
Government departments with OGD policies provide raw data in various formats and with application interfaces for user access. This study, thus, attempts to derive a balanced appraisal of national development and OGD. The factors that evaluate which types of countries open the level of data are explored.
Originality/value
This study establishes stakeholder relationships of OGD and extends to analyse the characteristics of a country and OGD that affect the government data open level. The relationships are evaluated through the OGDI with design score scheme. The measurement results indicated that a country possesses high relation to open data with high DI and nature resource.
Details
Keywords
Erik Bergström, Fredrik Karlsson and Rose-Mharie Åhlfeldt
The purpose of this paper is to develop a method for information classification. The proposed method draws on established standards, such as the ISO/IEC 27002 and information…
Abstract
Purpose
The purpose of this paper is to develop a method for information classification. The proposed method draws on established standards, such as the ISO/IEC 27002 and information classification practices. The long-term goal of the method is to decrease the subjective judgement in the implementation of information classification in organisations, which can lead to information security breaches because the information is under- or over-classified.
Design/methodology/approach
The results are based on a design science research approach, implemented as five iterations spanning the years 2013 to 2019.
Findings
The paper presents a method for information classification and the design principles underpinning the method. The empirical demonstration shows that senior and novice information security managers perceive the method as a useful tool for classifying information assets in an organisation.
Research limitations/implications
Existing research has, to a limited extent, provided extensive advice on how to approach information classification in organisations systematically. The method presented in this paper can act as a starting point for further research in this area, aiming at decreasing subjectivity in the information classification process. Additional research is needed to fully validate the proposed method for information classification and its potential to reduce the subjective judgement.
Practical implications
The research contributes to practice by offering a method for information classification. It provides a hands-on-tool for how to implement an information classification process. Besides, this research proves that it is possible to devise a method to support information classification. This is important, because, even if an organisation chooses not to adopt the proposed method, the very fact that this method has proved useful should encourage any similar endeavour.
Originality/value
The proposed method offers a detailed and well-elaborated tool for information classification. The method is generic and adaptable, depending on organisational needs.
Details
Keywords
Knight's Industrial Law Reports goes into a new style and format as Managerial Law This issue of KILR is restyled Managerial Law and it now appears on a continuous updating basis…
Abstract
Knight's Industrial Law Reports goes into a new style and format as Managerial Law This issue of KILR is restyled Managerial Law and it now appears on a continuous updating basis rather than as a monthly routine affair.
The Equal Pay Act 1970 (which came into operation on 29 December 1975) provides for an “equality clause” to be written into all contracts of employment. S.1(2) (a) of the 1970 Act…
Abstract
The Equal Pay Act 1970 (which came into operation on 29 December 1975) provides for an “equality clause” to be written into all contracts of employment. S.1(2) (a) of the 1970 Act (which has been amended by the Sex Discrimination Act 1975) provides:
Rashmi Anand, Sanjay Medhavi, Vivek Soni, Charru Malhotra and D.K. Banwet
Digital India, the flagship programme of Government of India (GoI) originated from National e-Governance Project (NeGP) in the year 2014. The programme has important aspect of…
Abstract
Purpose
Digital India, the flagship programme of Government of India (GoI) originated from National e-Governance Project (NeGP) in the year 2014. The programme has important aspect of information security and implementation of IT policy which supports e-Governance in a focused approach of Mission Mode. In this context, there is a need to assess situation of the programme which covers a study of initiatives and actions taken by various actor involved and processes which are responsible for overall e-Governance. Therefore, the purpose of this case study is to develop a Situation-Actor-Process (SAP), Learning-Action-Performance (LAP) based inquiry model to synthesize situation of information security governance, IT policy and overall e-Governance.
Design/methodology/approach
In this case study both systematic inquiry and matrices based SAP-LAP models are developed. Actors are classified who are found responsible and engaged in IT policy framing, infrastructure development and also in e-Governance implementation. Based on a synthesis of SAP components, various LAP elements were then synthesized then which further led to learning from the case study. Suitable actions and performance have also been highlighted, followed by a statement of the impact of the efficacy i.e. transformation of information security, policy and e-Governance on the Digital India programme.
Findings
On developing the SAP-LAP framework, it was found that actors like the Ministry of Electronics and Information Technology of the Govt. of India secures a higher rank in implementing various initiatives and central sector schemes to accelerate the agenda of e-Governance. Actions of other preferred actors include more investments in IT infrastructure, policy development and a mechanism to address cyber security threats for effective implementation of e-Governance. It was found that actors should be pro-active on enhancing technical skills, capacity building and imparting education related to ICT applications and e-Governance. Decision making should be based on the sustainable management practices of e-Governance projects implementation to manage change, policy making and the governmental process of the Indian administration and also to achieve Sustainable Development Goals by the Indian economy.
Research limitations/implications
The SAP-LAP synthesis is used to develop the case study. However, few other qualitative and quantitative multi criteria decision making approaches could also be explored for the development of IT security based e-Governance framework in the Indian context.
Practical implications
The synthesis of SAP leads to LAP components which can bridge the gaps between information security, IT policy governance and e-Governance process. Based on the learning from the Situation, it is said that the case study can provide decision making support and has impact on the e-Governance process i.e. may enhance awareness about e-services available to the general public. Such work is required to assess the transparency and accountability on the Government.
Social implications
Learning based on the SAP-LAP framework could provide decision making support to the administrators, policy makers and IT sector stakeholders. Thus, the case study would further help in addressing the research gaps, accelerating e-Governance initiatives and in capturing cyber threats.
Originality/value
The SAP-LAP model is found as an intuitive approach to analyze the present status of information security governance, IT policy and e-Governance in India in a single unitary model.
Details
Keywords
A distinction must be drawn between a dismissal on the one hand, and on the other a repudiation of a contract of employment as a result of a breach of a fundamental term of that…
Abstract
A distinction must be drawn between a dismissal on the one hand, and on the other a repudiation of a contract of employment as a result of a breach of a fundamental term of that contract. When such a repudiation has been accepted by the innocent party then a termination of employment takes place. Such termination does not constitute dismissal (see London v. James Laidlaw & Sons Ltd (1974) IRLR 136 and Gannon v. J. C. Firth (1976) IRLR 415 EAT).
Computer users face fundamentally new levels of risks in information security because of increased use of networks, increased computer literacy, an explosion in microcomputer use…
Abstract
Computer users face fundamentally new levels of risks in information security because of increased use of networks, increased computer literacy, an explosion in microcomputer use and decentralized data processing capabilities, and increased dependency on information technology overall. Realizing this fact is considerably easier than taking action to ease these risks, for computer security is fraught with hidden problems and contradictions. For example, while teenaged hackers have brought computer security and crime to the attention of policymakers and the public, most systems can be protected from hackers rather easily. The abuse of computer systems by those authorized to use them, as well as such mundane issues as protection from operator errors and natural or man‐made disasters, are more difficult problems. The Federal Government's experience in this area provides a number of lessons that are applicable to the private sector as well.
Tran Khanh Dang and Tran Tri Dang
By reviewing different information visualization techniques for securing web information systems, this paper aims to provide a foundation for further studies of the same topic…
Abstract
Purpose
By reviewing different information visualization techniques for securing web information systems, this paper aims to provide a foundation for further studies of the same topic. Another purpose of the paper is to discover directions in which there is a lack of extensive research, thereby encouraging more investigations.
Design/methodology/approach
The related techniques are classified first by their locations in the web information systems architecture: client side, server side, and application side. Then the techniques in each category are further classified based on attributes specific to that category.
Findings
Although there is much research on information visualization for securing web browser user interface and server side systems, there are very few studies about the same techniques on web application side.
Originality/value
This paper is the first published paper reviewing extensively information visualization techniques for securing web information systems. The classification used here offers a framework for further studies as well as in‐depth investigations.
Details