Search results

This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it and makes it much easier to use has been proposed too. Both, the method and the framework, have been validated within two challenging application domains: continuous risk assessment within a smart farm and risk-based adaptive security to reconfigure a Web application firewall.

The authors have identified a problem and provided motivation. They have developed their theory and engineered a new method and a framework to complement it. They have demonstrated the proposed method and framework work, validating them in two real use cases.

The GQM method, often applied within the software quality field, is a good basis for proposing a method to define new tailored cyber risk metrics that meet the requirements of current application domains. A comprehensive framework that formalises possible goals and questions translated to potential measurements can greatly facilitate the use of this method.

The proposed method enables the application of the GQM approach to cyber risk measurement. The proposed framework allows new cyber risk metrics to be inferred by choosing between suggested goals and questions and measuring the relevant elements of probability and impact. The authors’ approach demonstrates to be generic and flexible enough to allow very different organisations with heterogeneous requirements to derive tailored metrics useful for their particular risk management processes.

Amidst the complicated nature of the UAE’s facilities management (FM) industry, the need to recalibrate the existing performance measurement (PM) system measures and criteria has been resonating to ensure their ability to capture the FM industry trends and dynamics, thus enhancing organizational excellence. Therefore, this research aimed to propose a specific PM tool to the country’s FM industry to accurately assess performance and establish strategic enhancements.

The study reviewed literature on the available PM systems to gather the available measures, which were presented to a focus group of seven participants, who were purposively selected based on their expertise in FM and PM implementation in the UAE to adjust them and add ones relevant to the UAE’s FM industry.

The focus group conducted various changes, from retaining certain measures and criteria, renaming them to simplify or make them more representative of the industry, ranking them based on their importance to limit their numbers, to finally categorizing them as enablers or results. Consequently, the final proposed tool was composed of nine dimensions with 51 measures as performance enablers and three dimensions with 11 measures as performance results. Seven measures were added by the experts, who highlighted their increasing popularity in the UAE’s FM industry.

Through addressing the critical void in literature, this paper develops a specific PM tool aligning with the intricacy of the UAE’s FM industry, thus providing proactive contribution to the industry’s effective and sustainable growth.

The purpose of this study is to advance a novel evaluation index system and evaluation approach for ability of older adults in China.

This study constructed a comprehensive older adult ability evaluation index system with 4 primary indicators and 17 secondary indicators. Grey clustering analysis and entropy weight method are combined into a robust evaluation model for the ability of older adults.

The result demonstrates that the proposed grey clustering model is readily available to calculate the disability level of elderly individuals. The constructed index system more comprehensively considers all aspects of the disability of the elderly.

This study provides a quantitative method and a more reasonable index system for the determination of the disability level of the elderly.

The purpose of this study is to estimate the effects of gender composition in the workplace on employee job satisfaction and commitment.

The data were collected on both the organizational and employee levels at three different points in time in organizations with more than 70 employees. Multi-level mixed-effects ordered logistics regressions were used to account for the multi-level nature of the data and the ordered nature of the dependent variables.

Employees in gender-balanced workplaces show higher levels of job satisfaction and commitment than those in female-dominated or male-dominated workplaces. The relationship is also based on the gender of the individual, as men show a significantly lower level of both job satisfaction and commitment when working in male-dominated workplaces than others, while for women, the effect is only significant for commitment.

Aiming for a balance in the gender composition of the workplace may improve employee attitudes, especially for men. The results also indicate that further research is warranted into why job satisfaction and commitment are significantly lower among men in male-dominated workplaces.

The relationship between gender and job satisfaction and commitment is well established, but less is known about the effects of gender composition on job satisfaction and commitment. Previous papers have focused on job satisfaction. This paper extends prior studies by estimating the effects of gender composition on both job satisfaction and commitment using multi-level regressions on a rich dataset.

The purpose of this paper is to explore the current practices in security convergence among and between corporate security and cybersecurity processes in commercial enterprises.

This paper is the first phase in a planned multiphase project to better understand current practices in security optimization efforts being implemented by commercial organizations exploring means and methods to operate securely while reducing operating costs. The research questions being examined are: What are the general levels of interest in cybersecurity and corporate security convergence? How well do the perspectives on convergence align between organizations? To what extent are organizations pursuing convergence? and How are organizations achieving the anticipated outcomes from convergence?

In organizations, the evolution to a more optimized security structure, either merged or partnered, was traditionally due to unplanned or unforeseen events; e.g. a spin-off/acquisition, new security leadership or a negative security incident was the initiator. This is in contrast to a proactive management decision or formal plan to change or enhance the security structure for reasons that include reducing costs of operations and/or improving outcomes to reduce operational risks. The dominant exception was in response to regulatory requirements. Preliminary findings suggest that outcomes from converged organizations are not necessarily more optimized in situations that are organizationally merged under a single leader. Optimization may ultimately depend on the strength of relationships and openness to collaboration between management, cybersecurity and corporate security personnel.

This report and the number of respondents to its survey do not support generalizable findings. There are too few in each category to make reliable predictions and in analysis, there was an insufficient quantity of responses in most categories to allow supportable conclusions to be drawn.

Practitioners may find useful contextual clues to their needs for convergence or in response to directives for convergence from this report on what is found in some other organizations.

Improved effectiveness and/or reduced costs for organizational cybersecurity would be a useful social outcome as organizations become more efficient in the face of increasing levels of cyber security threats.

Convergence as a concept has been around for some time now in both the practice and research communities. It was initially promoted formally by ASIS International and ISACA in 2005. Yet there is no universally agreed-upon definition for the term or the practices undertaken to achieve it. In addition, the business drivers and practices undertaken to achieve it are still not fully understood. If convergence or optimization of converged operations offers a superior operational construct compared to other structures, it is incumbent to discover if there are measurable benefits. This research hopes to define the concept of security collaboration optimization more fully. The eventual goal is to develop and promote a tool useful for organizations to measure where they are on such a continuum.

The concept of productivity is central to performance management and decision-making, although it is complex and multifaceted. This paper aims to describe a methodology based on the use of Big Data in a cluster analysis combined with a data envelopment analysis (DEA) that provides accurate and reliable productivity measures in a large network of retailers.

The methodology is described using a case study of a leading kitchen furniture producer. More specifically, Big Data is used in a two-step analysis prior to the DEA to automatically cluster a large number of retailers into groups that are homogeneous in terms of structural and environmental factors and assess a within-the-group level of productivity of the retailers.

The proposed methodology helps reduce the heterogeneity among the units analysed, which is a major concern in DEA applications. The data-driven factorial and clustering technique allows for maximum within-group homogeneity and between-group heterogeneity by reducing subjective bias and dimensionality, which is embedded with the use of Big Data.

The use of Big Data in clustering applied to productivity analysis can provide managers with data-driven information about the structural and socio-economic characteristics of retailers' catchment areas, which is important in establishing potential productivity performance and optimizing resource allocation. The improved productivity indexes enable the setting of targets that are coherent with retailers' potential, which increases motivation and commitment.

This article proposes an innovative technique to enhance the accuracy of productivity measures through the use of Big Data clustering and DEA. To the best of the authors’ knowledge, no attempts have been made to benefit from the use of Big Data in the literature on retail store productivity.

The aim of this study is to empirically explore and analyze the concrete tasks of output measurement and the inherent challenges related to these tasks in a traditional and autonomous professional public work setting – the judicial system.

The analysis of the tasks is based on a categorization of general performance measurement motives (control-motivate-learn) and main stakeholder levels (society-organization-professionals). The analysis is exploratory and conducted as an empirical content analysis on materials and reports produced in two performance improvement projects conducted in European justice organizations.

The identified main tasks in the different categories are related to managing resources, controlling performance deviations, and encouraging improvement and development of performance. Based on the results, key improvement areas connected to output measurement in professional public organizations are connected to the improvement of objectivity and fairness in budgeting and work allocation practices, improvement of output measures' versatility and informativeness to highlight motivational and learning purposes, improvement of professional self-management in setting output targets and producing outputs, as well as improvement of organizational learning from the output measurement.

The paper presents empirically founded practical examples of challenges and improvement opportunities related to the tasks of output measurement in professional public organization.

This paper fulfils an identified need to study how general performance management motives realize as concrete tasks of output measurement in justice organizations.

Performance framework (PF) is a well-established practice to measure innovation performance and identify improvement opportunities. However, whether PFs academic research are applicable to companies remains unclear, as well as their support in the definition of improvement actions. This study aims to present the implementation and assessment of a new and updated PF proposed in previous research in a real industrial context.

The PF was implemented through an in-depth case study carried out in a European machinery manufacturer and further assessed by practitioners.

The results indicate that the PF enabled the creation of a multidimensional view of the innovation performance and the definition of improvement projects in the company. Additionally, the findings also reveal an overall positive assessment of the PF by senior managers who work with the innovation process.

As a case study, this research is inherently limited in the extent to which results can be generalised. Thus, the analyses are reductive and rationalising. Future research is needed to assess the replicability of the PF.

The study's practical contribution is based on the combination of insights and steps that provide a straightforward and actionable approach for the company to improve performance.

This study aims to advance the importance of implementing the new and updated PF after its proposition, which is often overlooked in preceding research. Furthermore, the assessment of the PF also enables to infer its value to the company's employees.

Research on employee non-/compliance to information security policies suffers from inconsistent results and there is an ongoing discussion about the dominating survey research methodology and its potential effect on these results. This study aims to add to this discussion by investigating discrepancies between what the authors claim to measure (theoretical properties of variables) and what they actually measure (respondents’ interpretations of the operationalized variables). This study asks: How well do respondents’ interpretations of variables correspond to their theoretical definitions? What are the characteristics of any discrepancies between variable definitions and respondent interpretations?

This study is based on in-depth interviews with 17 respondents from the Swedish public sector to understand how they interpret questionnaire measurement items operationalizing the variables Perceived Severity from Protection Motivation Theory and Attitude from Theory of Planned Behavior.

The authors found that respondents’ interpretations in many cases differ substantially from the theoretical definitions. Overall, the authors found four principal ways in which respondents interpreted measurement items – referred to as property contextualization, extension, alteration and oscillation – each implying more or less (dis)alignment with the intended theoretical properties of the two variables examined.

The qualitative method used proved vital to better understand respondents’ interpretations which, in turn, is key for improving self-reporting measurement instruments. To the best of the authors’ knowledge, this study is a first step toward understanding how precise and uniform definitions of variables’ theoretical properties can be operationalized into effective measurement items.

The paper's purpose is to investigate the effects of digital finance on the risk of stock price crashes and the underlying transmission mechanisms, and to provide suggestions to inhibit the stock crash risk (CR).

This paper selects all companies that were listed on the Shanghai Stock Exchange and the Shenzhen Stock Exchange from 2011 to 2020. It then uses the two-way fixed effect model and the intermediary effect model to verify such effects.

The overall outcomes demonstrate such a result that the CR of listed companies in China can be significantly reduced by the development of digital finance, and the overall transparency of business financial information and the equity pledge of controlling shareholders are the two underlying transmission mechanisms that digital finance can cause effects on the CR of stocks.

The main limitations are that there may exist some problems in the method for evaluating the CR of stocks. And there may be a problem of endogeneity caused by the empirical model cannot control all correlation variables.

This paper would provide policy implications, for different roles, to inhibit the stock CR and to make the development of the economy more stabilize.

Digital finance can promote economic development while restraining financial risks at the same time. Therefore, although this study is based on the relevant data from China, it can also provide a reference for other economies with different basic conditions from China, to promote the overall development of the world economy.

The current academic research on digital finance or stock price CR has been relatively sufficient, but there are few papers that combined both. By combining digital finance with stock CR, this paper researches the influence of digital finance on the CR of stocks through empirical analysis. So, this paper would provide new research ideas and evidence for potential influence factors of the CR of stocks, fill the gap in this research field and provide certain help for subsequent scholars to conduct relevant research.