Search results
1 – 10 of over 2000Stefan Fenz and Thomas Neubauer
The purpose of this paper is to provide a method to formalize information security control descriptions and a decision support system increasing the automation level and…
Abstract
Purpose
The purpose of this paper is to provide a method to formalize information security control descriptions and a decision support system increasing the automation level and, therefore, the cost efficiency of the information security compliance checking process. The authors advanced the state-of-the-art by developing and applying the method to ISO 27002 information security controls and by developing a semantic decision support system.
Design/methodology/approach
The research has been conducted under design science principles. The formalized information security controls were used in a compliance/risk management decision support system which has been evaluated with experts and end-users in real-world environments.
Findings
There are different ways of obtaining compliance to information security standards. For example, by implementing countermeasures of different quality depending on the protection needs of the organization. The authors developed decision support mechanisms which use the formal control descriptions as input to support the decision-maker at identifying the most appropriate countermeasure strategy based on cost and risk reduction potential.
Originality/value
Formalizing and mapping the ISO 27002 controls to the security ontology enabled the authors to automatically determine the compliance status and organization-wide risk-level based on the formal control descriptions and the modelled environment, including organizational structures, IT infrastructure, available countermeasures, etc. Furthermore, it allowed them to automatically determine which countermeasures are missing to ensure compliance and to decrease the risk to an acceptable level.
Details
Keywords
Gavin Dennehy, Bobby Kennedy and John Spillane
The purpose of this study is to identify the factors relating to the integration and compliance of Building Control (Amendment) Regulations 2014 (BC(A)R 2014) in large Irish…
Abstract
Purpose
The purpose of this study is to identify the factors relating to the integration and compliance of Building Control (Amendment) Regulations 2014 (BC(A)R 2014) in large Irish construction organisations.
Design/methodology/approach
To achieve the aim, a mixed method approach is adopted, initially, providing a critique of the literature review, followed by a combination of 7 semi-structured interviews and 30 questionnaires from industry practitioners.
Findings
Findings demonstrate that BC(A)R has had a significant positive effect on the industry, eliminating previous bad practice, by increasing the accountability for professionals signing-off on new buildings, and highlights the emphasis on certification in successfully achieving practical completion on projects.
Practical implications
The findings provide further justification on the need for compliance, and integration, of BC(A)R in the Irish construction sector, offering further evidence, where needed, on the benefit of its adoption.
Originality/value
The originality and value of this research lies in the limited number of studies in the area, particularly in the context of large Irish construction projects, which this study aims to fulfil.
Details
Keywords
The objective of this study is to assess the level of corporate governance (CG) compliance and identify determinants of high compliance in Indonesian publicly listed corporations…
Abstract
Purpose
The objective of this study is to assess the level of corporate governance (CG) compliance and identify determinants of high compliance in Indonesian publicly listed corporations including family and nonfamily firms. The country uses a voluntary disclosure approach to enforce its regulations; thus, it is important to identify the factors affecting compliance.
Design/methodology/approach
Employing a logistic regression model, this paper analyzes the CG index of high-compliance vs. poor-compliance companies and emphasizes factors that contribute to better governance compliance. The CG index of high-compliant firms is almost twice as high as that of low-compliant firms.
Findings
The study explores factors that contribute to high CG in an emerging market like Indonesian corporations. The study's findings indicate that family-owned businesses predominate in the low-compliance group. High-compliance firms are older and larger with higher financial performance, free float and leverage, as well as a positive influence of the founder's great leadership. The results support theoretical arguments that concentrated ownership and excessive majority shareholder control are key factors in determining the likelihood of good governance practices by firms. Hence, the market and regulators should devise effective strategies to encourage and reward high compliance.
Research limitations/implications
The findings of the research offer several implications for the academic community and policymakers. Improving CG at the firm level is a viable goal, even though the agenda to reform minority investor protection laws and increase judicial quality is challenging and may take a long time to show significant results. Moreover, this study has some limitations that could be addressed in future research. The study focuses on a single-country setting, Indonesia. There are cultural aspects and governance settings that may be unique in the Indonesian context, which may limit the applicability of the findings to other countries with their own cultural settings and institutional legal framework.
Originality/value
The study investigates the factors that influence high governance compliance in specific CG regulations designed for the emerging Indonesian market. The study also discovers evidence that the crisis period has a favorable impact on the firm's decision to comply with governance provisions.
Details
Keywords
Kasimu Sendawula, Peter Turyakira, Cathy Mbidde Ikiror and Vincent Bagire
The purpose of this paper is to establish whether all the dimensions of regulatory compliance matter for environmental sustainability practices of manufacturing small and medium…
Abstract
Purpose
The purpose of this paper is to establish whether all the dimensions of regulatory compliance matter for environmental sustainability practices of manufacturing small and medium entrepreneurial ventures (SMEVs) using evidence from Uganda.
Design/methodology/approach
This study is cross-sectional and correlational. Data was collected through a questionnaire survey of 106 manufacturing SMEVs. Data was analyzed using Statistical Package for Social Sciences (SPSS) version 23.
Findings
The results indicate that controls, legitimacy and deterrence do matter for environmental sustainability practices of the manufacturing SMEVs in Uganda, unlike social norms and values.
Originality/value
This study fosters the understanding of environmental sustainability practices, as it provides insights on whether all the dimensions of regulatory compliance do matter for environmental sustainability practices of manufacturing SMEVs in Uganda.
Details
Keywords
This study aims to develop a Sharīʿah-compliance rating mechanism for the Islamic financial services industry (IFSI), with a special focus on banking. The banking sector is taken…
Abstract
Purpose
This study aims to develop a Sharīʿah-compliance rating mechanism for the Islamic financial services industry (IFSI), with a special focus on banking. The banking sector is taken as the area of focus due to its leadership role in the volume of global Sharīʿah-compliant assets.
Design/methodology/approach
The objectives of the Islamic financial system (IFS) are selected as the basis for ratings. A range of performance indicators (leading to achievement of the objectives) is grouped into four broader categories and used in the study to allocate scores with a sum total of 100. Special considerations – including the amount of resources required in performing an activity, suitability of prevailing business conditions, the degree of compulsion/discretion in performing a task and linkage with the essence of the IFS – were taken into account in the allocation of scores.
Findings
This study groups multiple performance measures into four categories, including portfolio construction (deposits mechanism, participatory and asset-based modes of financing), access to finance (service to the less-privileged and sector screening), reputation (disclosures and stakeholders’ survey) and Sharīʿah governance (Sharīʿah supervision and controls, charitable operations, human resources, product development and organization). The Portfolio, Audit, Reputation and System (PARS) rating system is then developed.
Practical implications
A Sharīʿah-compliance rating system is helpful in measuring the progress towards goal achievement of the IFS and in gaining stakeholders’ trust. It is also important for Sharīʿah boards and regulators in policy formulation, for management in addressing weaknesses and taking corrective measures and potentially for standard-setting bodies.
Originality/value
This study presents a comprehensive quantitative Sharīʿah-compliance rating mechanism, taking into consideration the objectives of the IFS – equitable distribution of wealth and financial stability, in addition to Sharīʿah-compliance in operations. Development of Sharīʿah-compliance quality ratings for Islamic banking is essential to gain customers’ trust; the suggested methodology is thus a contribution to the literature on Islamic finance.
Details
Keywords
Johannes Slacik, Birgit Grüb and Dorothea Greiling
Literature shows that a strong link between sustainability control systems and sustainability management (SM) fosters sustainability development (SD) and compliance with…
Abstract
Purpose
Literature shows that a strong link between sustainability control systems and sustainability management (SM) fosters sustainability development (SD) and compliance with regulatory requirements and stakeholder expectations. Research on the integration of SM and its control mechanisms in corporate business remains scarce. This study aims to focus on Sustainability Management Control Systems (S)MCS applied in Electric Utility Companies (EUC), which experience close scrutiny by its stakeholders in as much as they play an important role in climate change agendas.
Design/methodology/approach
The methodological approach includes in-depth expert interviews within seven Austrian EUC followed by qualitative content analysis. This study builds on “MCS as a package” by Malmi and Brown (2008). Institutional logics (IL) are used for the theoretical approach.
Findings
Results show that several IL are involved in implementing strategic SMCS in EUC. Managers cope by integrating emerging hybrid logics, selectively coupled SMCS and making sense by building a communication bridge between the strategic and operative levels to create awareness.
Research limitations/implications
Results show that managers in EUC have to acquire a new hybrid logic for SD. This implies the use of informal controls and a strong focus on administrative and cultural controls as the main control mechanisms for SM.
Originality/value
The paper contributes to MCS research by using the scarcely applied theoretical framework of IL. Findings facilitate a better understanding of the control mechanisms behind SM and the coping strategies of managers in applying SMCS.
Details
Keywords
This study aims to address how the ISO 14001 standardisation and certification process improves substantive performance in small to medium-sized enterprises (SMEs) through the…
Abstract
Purpose
This study aims to address how the ISO 14001 standardisation and certification process improves substantive performance in small to medium-sized enterprises (SMEs) through the development of an environmental management control system (EMCS).
Design/methodology/approach
A qualitative cross-case interview design with those responsible for the implementation of an environmental management system (certified to ISO 14001) in SMEs is adopted to inductively “theorise” the EMCS.
Findings
The design and monitoring of environmental controls are often beyond the scope of the SMEs’ top management team and include extra-organisational dimensions such as the external audit and institutional requirements. This suggests more complex control pathways for SMEs to produce EMCS that primarily function as packages and are broader than the analytical level of the firm. Here, controlling for environmental performance exists at strategic and operational levels, as well as beyond the SMEs’ boundaries.
Practical implications
Various internal controls are put forward for SME owner-managers to meet environmental targets (e.g. gamification and interpersonal communication strategies). This builds upon a broader accountability perspective wherein formalised hierarchical control is only one route for ensuring sustainable action within the ISO 14001-certified SMEs.
Social implications
This study contributes to a more sustainable society through developing an understanding of how environmental sustainability is substantively managed by SMEs to improve performance for current and future generations.
Originality/value
This paper, to the best of the author’s knowledge, is one of the first to establish how SMEs control for environmental sustainability from empirically derived evidence. In doing so, it provides an example of the EMCS for the SME context.
Details
Keywords
Hira Hafeez, Muhammad Ibrahim Abdullah, Muhammad Asif Zaheer and Qurratulain Ahsan
The purpose of the study is to create substantial awareness for safety precautions and safety parameters to lessen occupational injuries and accidents. Utilization of safety…
Abstract
Purpose
The purpose of the study is to create substantial awareness for safety precautions and safety parameters to lessen occupational injuries and accidents. Utilization of safety culture phenomenon with its fundamental understanding has imperative consideration for safety compliance and participation behaviors. Thoughtful aim of this study is the extension of knowledge related to safety orientation particularly in primary health-care workforce.
Design/methodology/approach
Only slips and trips accounted for 40% of workplace injuries in nursing professionals. To identity, the data were collected through structured surveys from nursing professionals of public and private hospitals in Pakistan. To evaluate that data for current study, standardized regression coefficients (parameter estimation) with 95% confidence interval and 5,000 bootstrap samples were subjected. Confirmatory factor analysis was also used to measure the validity of study constructs.
Findings
The potential findings of present study have assured the presence of safety culture at workplace has potential to influences negative safety outcomes. In addition, safety compliance and safety participation as mediation paths would be the strengthening addition to safety model. These findings have extended the existing understanding of compliance and participation behaviors from single factor to two different constructs of safety orientation. This safety culture model offers an evidence-based approach to nursing practitioners and nursing managers with implications for nurse’s safety, education and training.
Originality/value
Occupational injuries and accidental happenings have adversely affecting the quality of care, patient’s recovery spam, satisfaction level and psychological health in care agents. This study has proposed a comprehensive model for understanding the mechanism of possible and reliable safety implications at health-care units. Prior knowledge has limitation to the inevitable effects of occupational injuries only rather than focusing on corrective actions against this phenomenon.
Details
Keywords
Virpi Ala-Heikkilä and Marko Järvenpää
This study aims to take a step toward integrating research regarding the image, role and identity of management accountants by understanding how employers’ perceptions of the…
Abstract
Purpose
This study aims to take a step toward integrating research regarding the image, role and identity of management accountants by understanding how employers’ perceptions of the ideal management accountant image differ from operational managers’ perceived role expectations, how management accountants perceive their identity and how those factors shape management accountants’ understanding of who they are and want to be.
Design/methodology/approach
A qualitative design draws upon the case company’s 100 job advertisements and 31 semi-structured interviews with management accountants and operational managers. Those data are entwined with role theory and its core concepts of expectations and identities and also early recruitment-related theoretical aspects such as image and employer branding.
Findings
The findings reveal how employers’ perceptions of the ideal image and operational managers’ role expectations shape and influence the identity of management accountants. However, management accountants distance themselves from a brand image and role expectations. They experience identity conflict between their current and desired identity, the perception of not being able to perform the currently desired role. Although this study presents some possible reasons and explanations, such as employer branding for the misalignment and discrepancy between perceptions of employer (image), expectations of operational managers (role) and management accountants’ self-conception of the role (identity), this study argues that the identity of a management accountant results from organizational aspects of image and role and individual aspects of identity.
Research limitations/implications
Image and external role expectations can challenge identity construction and also serve as a source of conflict and frustration; thus, a more comprehensive approach to studying the identity of management accountants is necessary to understand what contributes to the fragility of their identity.
Practical implications
The results provide an understanding of the dynamics of the image, role and identity to support management accountants and employers and to further address the suggested dissonance and ambiguities.
Originality/value
This study contributes by showing how the dynamics and connections between the image, role and identity influence the identity construction of management accountants. Moreover, this study shows how overpromising as a part of employer branding might not reflect the reality experienced by management accountants but may cause frustration and threaten the management accountants’ identity.
Details
Keywords
Dijana Peras and Renata Mekovec
The purpose of this paper is to improve the understanding of cloud service users’ privacy concerns, which are anticipated to considerably hinder cloud service market growth. The…
Abstract
Purpose
The purpose of this paper is to improve the understanding of cloud service users’ privacy concerns, which are anticipated to considerably hinder cloud service market growth. The researchers have explored privacy concerns from dimensions that were identified as relevant in the cloud context.
Design/methodology/approach
Content analysis was used to identify privacy problems that were most often raised in previous cloud research. Multidimensional developmental theory (MDT) was used to build a conceptual model of cloud privacy concerns. Literature review was made to identify the privacy-related constructs used to measure privacy concerns in previous cloud research.
Findings
The paper provides systematization of recent cloud privacy research, proposal of a conceptual model of cloud privacy concerns, identification of measuring instruments that were used to measure privacy concerns in previous cloud research and identification of categories of problems that need to be addressed in future cloud research.
Originality/value
This paper has identified the categories of privacy problems and dimensions that have not yet been measured in the cloud context, to the best of the authors’ knowledge. Their simultaneous examination could clarify the effects of different dimensions on the privacy concerns of cloud users. The conceptual model of cloud privacy concerns will allow cloud service providers to focus on key cloud problems affecting users’ privacy concerns and use the most appropriate privacy protection communication and preservation approaches.
Details