Search results
1 – 6 of 6Elham Rostami, Fredrik Karlsson and Shang Gao
This paper aims to propose a conceptual model of policy components for software that supports modularizing and tailoring of information security policies (ISPs).
Abstract
Purpose
This paper aims to propose a conceptual model of policy components for software that supports modularizing and tailoring of information security policies (ISPs).
Design/methodology/approach
This study used a design science research approach, drawing on design knowledge from the field of situational method engineering. The conceptual model was developed as a unified modeling language class diagram using existing ISPs from public agencies in Sweden.
Findings
This study’s demonstration as proof of concept indicates that the conceptual model can be used to create free-standing modules that provide guidance about information security in relation to a specific work task and that these modules can be used across multiple tailored ISPs. Thus, the model can be considered as a step toward developing software to tailor ISPs.
Research limitations/implications
The proposed conceptual model bears several short- and long-term implications for research. In the short term, the model can act as a foundation for developing software to design tailored ISPs. In the long term, having software that enables tailorable ISPs will allow researchers to do new types of studies, such as evaluating the software's effectiveness in the ISP development process.
Practical implications
Practitioners can use the model to develop software that assist information security managers in designing tailored ISPs. Such a tool can offer the opportunity for information security managers to design more purposeful ISPs.
Originality/value
The proposed model offers a detailed and well-elaborated starting point for developing software that supports modularizing and tailoring of ISPs.
Details
Keywords
Elham Rostami and Fredrik Karlsson
This paper aims to investigate how congruent keywords are used in information security policies (ISPs) to pinpoint and guide clear actionable advice and suggest a metric for…
Abstract
Purpose
This paper aims to investigate how congruent keywords are used in information security policies (ISPs) to pinpoint and guide clear actionable advice and suggest a metric for measuring the quality of keyword use in ISPs.
Design/methodology/approach
A qualitative content analysis of 15 ISPs from public agencies in Sweden was conducted with the aid of Orange Data Mining Software. The authors extracted 890 sentences from these ISPs that included one or more of the analyzed keywords. These sentences were analyzed using the new metric – keyword loss of specificity – to assess to what extent the selected keywords were used for pinpointing and guiding actionable advice. Thus, the authors classified the extracted sentences as either actionable advice or other information, depending on the type of information conveyed.
Findings
The results show a significant keyword loss of specificity in relation to pieces of actionable advice in ISPs provided by Swedish public agencies. About two-thirds of the sentences in which the analyzed keywords were used focused on information other than actionable advice. Such dual use of keywords reduces the possibility of pinpointing and communicating clear, actionable advice.
Research limitations/implications
The suggested metric provides a means to assess the quality of how keywords are used in ISPs for different purposes. The results show that more research is needed on how keywords are used in ISPs.
Practical implications
The authors recommended that ISP designers exercise caution when using keywords in ISPs and maintain coherency in their use of keywords. ISP designers can use the suggested metrics to assess the quality of actionable advice in their ISPs.
Originality/value
The keyword loss of specificity metric adds to the few quantitative metrics available to assess ISP quality. To the best of the authors’ knowledge, applying this metric is a first attempt to measure the quality of actionable advice in ISPs.
Details
Keywords
Aidin Aryankhesal, Manal Etemadi, Zahra Agharahimi, Elham Rostami, Mohammad Mohseni and Zeinab Musavi
Exemption from hospital charges may appear as an essential policy in order to support the poor. Such policies can function for the fulfillment of governments’ social- and…
Abstract
Purpose
Exemption from hospital charges may appear as an essential policy in order to support the poor. Such policies can function for the fulfillment of governments’ social- and justice-based responsibilities in public hospitals. The purpose of this paper is to investigate the pattern of offering discounts to the poor and the effect of Iran’s recent Health Sector Evolution Plan on it.
Design/methodology/approach
The authors conducted analytical research longitudinally on the data related to cash discounts offered to the poor within a teaching hospital. Data were collected through the period of four months, September to December 2013, before the establishment of the Health Sector Evolution Plan, and in the similar months through 2014, after the establishment of the Health Sector Evolution Plan, in order to compare the amount of cash discounts. The type of insurance, length of stay, amount of discounts offered to patients, and total costs of hospital charges were studied and compared by referring to the social working department. Data were analyzed using the χ2-test, Mann-Whitney U test, ANOVA, and regression analysis aided by SPSS 20.
Findings
The number of patients offered discounts or exempted from payment in 2014 reduced compared to the number in 2013. The highest rate of demand for discounts was related to patients covered by Emdad Committee followed by those who had no insurance. The ratio of discount to cost in the oncology ward was higher than other groups.
Originality/value
The results of the present study can contribute to the plans of health system policy makers in organizing measures for supporting poor patients toward accessing healthcare services.
Details
Keywords
Elham Rostami, Fredrik Karlsson and Ella Kolkowska
The purpose of this paper is to survey existing information security policy (ISP) management research to scrutinise the extent to which manual and computerised support has been…
Abstract
Purpose
The purpose of this paper is to survey existing information security policy (ISP) management research to scrutinise the extent to which manual and computerised support has been suggested, and the way in which the suggested support has been brought about.
Design/methodology/approach
The results are based on a literature review of ISP management research published between 1990 and 2017.
Findings
Existing research has focused mostly on manual support for managing ISPs. Very few papers have considered computerised support. The entire complexity of the ISP management process has received little attention. Existing research has not focused much on the interaction between the different ISP management phases. Few research methods have been used extensively and intervention-oriented research is rare.
Research limitations/implications
Future research should to a larger extent address the interaction between the ISP management phases, apply more intervention research to develop computerised support for ISP management, investigate to what extent computerised support can enhance integration of ISP management phases and reduce the complexity of such a management process.
Practical implications
The limited focus on computerised support for ISP management affects the kind of advice and artefacts the research community can offer to practitioners.
Originality/value
Today, there are no literature reviews on to what extent computerised support the ISP management process. Findings on how the complexity of ISP management has been addressed and the research methods used extend beyond the existing knowledge base, allowing for a critical discussion of existing research and future research needs.
Details
Keywords
This chapter demonstrates that women challenge oppressive gender relations by engaging in active agency at different levels. Iranian women’s struggles for gender equality show a…
Abstract
Purpose
This chapter demonstrates that women challenge oppressive gender relations by engaging in active agency at different levels. Iranian women’s struggles for gender equality show a critical consciousness of the politics of local male domination and an indigenous contestation of the cultural practices which sanction injustices against women.
Design/methodology/approach
This chapter is based on the findings and analysis of the book, Women, Power and Politics in 21st Century in Iran. It is the result of the political and personal experiences of a number of Iranian women academics, journalist and activists who live and work in Iran.
Findings
Based on the updated findings and new statistical data, this chapter argues that women, despite their high level of education and activism, continue to face gender inequality, in particular in the sphere of employment.
Social implications
This chapter is intended to counter the often inaccurate and misleading impressions put forward by the media, politicians and some academics in the West when they talk about Iranian women. Within the broader feminist theoretical positioning, the aim of this chapter is to contribute to the debate on essentialism and the stereotype of Iranian women as submissive Muslim women without agency.
Originality/value
Feminist knowledge production is diverse. Nonetheless, consideration of the historical and geographical locations of feminist knowledge production is vital to our understanding of the complex processes of women’s liberation. Thus, Iranian women’s voices are important to what is traditionally understood as feminism.
Details
Keywords
Zehba Raizah and Abdelraheem M. Aly
The purpose of this paper is to perform numerical simulations based on the incompressible smoothed particle hydrodynamics (ISPH) method for thermo-diffusion convection in a…
Abstract
Purpose
The purpose of this paper is to perform numerical simulations based on the incompressible smoothed particle hydrodynamics (ISPH) method for thermo-diffusion convection in a hexagonal-shaped cavity saturated by a porous medium and suspended by a nano-encapsulated phase change material (NEPCM). Here, the solid particles are inserted into a phase change material to enhance its thermal performance.
Design/methodology/approach
Superellipse rotated shapes with variable lengths are embedded inside a hexagonal-shaped cavity. These inner shapes are rotated around their center by a uniform circular velocity and their conditions are positioned at high temperature and concentration. The controlling equations in a non-dimensional form were analyzed by using the ISPH method. At first, the validation of the ISPH results is performed. Afterward, the implications of a fusion temperature, lengths/types of the superellipse shapes, nanoparticles parameter and time parameter on the phase change heat transfer, isotherms, isoconcentration and streamlines were addressed.
Findings
The achieved simulations indicated that the excess in the length of an inner superellipse shape augments the temperature, concentration and maximum of the streamlines in a hexagonal-shaped cavity. The largest values of mean Nusselt number are attained at the inner rhombus shape with convex (n = 1.5) and the largest values of mean Sherwood number are attained at the inner rectangle shape with rounded corners (n = 4).
Originality/value
The ISPH method is developed to emulate the influences of the uniform rotation of the novel geometry shapes on heat/mass transport inside a hexagonal-shaped cavity suspended by NEPCM and saturated by porous media.
Details