Search results

The aim of this study is to encourage management boards to recognize that employees play a major role in the management of information security. Thus, these issues need to be addressed efficiently, especially in organizations in which data are a valuable asset.

Before developing the instrument for the survey, first, effective measurement built upon existing literature review was identified and developed and the survey questionnaires were set according to past studies and the findings based on qualitative analyses. Data were collected by using cross-sectional questionnaire and a Likert scale, whereby each question was related to an item as in the work of Witherspoon et al. (2013). Data analysis was done using the SPSS.3B.

Based on the results from three surveys and findings, a principle of information security compliance practices was proposed based on the authors’ proposed nine-five-circle (NFC) principle that enhances information security management by identifying human conduct and IT security-related issues regarding the aspect of information security management. Furthermore, the authors’ principle has enabled closing the gap between technology and humans in this study by proving that the factors in the present study’s finding are interrelated and work together, rather than on their own.

The main objective of this study was to address the lack of research evidence on what mobilizes and influences information security management development and implementation. This objective has been fulfilled by surveying, collecting and analyzing data and by giving an account of the attributes that hinder information security management. Accordingly, a major practical contribution of the present research is the empirical data it provides that enable obtaining a bigger picture and precise information about the real issues that cause information security management shortcomings.

In this sense, despite the fact that this study has limitations concerning the development of a diagnostic tool, it is obviously the main procedure for the measurements of a framework to assess information security compliance policies in the organizations surveyed.

The present study’s discoveries recommend in actuality that using flexible tools that can be scoped to meet individual organizational needs have positive effects on the implementation of information security management policies within an organization. Accordingly, the research proposes that organizations should forsake the oversimplified generalized guidelines that neglect the verification of the difference in information security requirements in various organizations. Instead, they should focus on the issue of how to sustain and enhance their organization’s compliance through a dynamic compliance process that involves awareness of the compliance regulation, controlling integration and closing gaps.

The rapid growth of information technology (IT) has created numerous business opportunities. At the same time, this growth has increased information security risk. IT security risk is an important issue in industrial sectors, and in organizations that are innovating owing to globalization or changes in organizational culture. Previously, technology-associated risk assessments focused on various technology factors, but as of the early twenty-first century, the most important issue identified in technology risk studies is the human factor.

Many commentators believe that we are racing into the age of Information Technology (IT). If in most cases the reality lags some way behind the image, it nevertheless remains the case that organisations are increasingly investing in, or considering investing in, a wide range of new high technologies. In manufacturing firms, for example, computerised numerically controlled machine tools are in widespread application, and robots, flexible manufacturing systems and computer‐aided design are no longer rare. A similar picture emerges with regard to office‐based technologies, such as management information and word processing systems, and within service‐oriented organisations where innovations include, for example, Electronic Point Of Sale (EPOS) in retailing and direct debit and credit transfer in banking.

The purpose of this paper is to map and describe findings from research conducted in workspaces designed to support activity-based working (ABW) over the past 10 years (2010–2020) with a view of informing post-COVID workplaces of the positive and negative attributes of ABW.

Scopus was used as the search engine for this review. Papers which reported findings related to ABW and performed field study in ABW workspaces with adult occupants were included. Out of the 442 initial papers, 40 papers were included following iterative title and abstract and full text review process and consideration of inclusion and exclusion criteria. These papers were divided into three groupings (organizational, human and physical environment) based on their major focus. Positive and negative effects of ABW environments on occupants are discussed within these three topics in consideration of the implications for the post-COVID workplace.

Although the included studies were inclined to be either more positive (i.e. interior design) or negative (i.e. indoor environmental quality, productivity, distraction and privacy) in relation to various attributes of ABW, no single effect of ABW environments on occupants was in full agreement between the studies. The shortcomings of ABW environments are more related to how this way of working is implemented and how occupants use it, rather than the concept itself. A partial uptake of ABW leads to occupants’ dissatisfaction, lower productivity and lower well-being, while a holistic approach increases the chance of success. It is hypothesised that many currently reported negative aspects of the ABW concept might diminish overtime as ABW evolves and as new challenges arise. A continuous post-occupancy evaluation after relocation to an ABW-supportive environment can inform the organization about the changing needs and preference of the occupants; hence, the organization can tailor the ABW solution to the arising needs. The inter-connection between the three key ABW pillars (organizational, human and physical environment) is crucial to the success of this concept specifically in the context of the post-COVID-19 workplace.

This paper highlights the key shortcomings and limitations of studies produced over the past decade and identifies keys gaps in the current body of literature. It provides a new insight on how findings related to open-plan offices designed to support ABW can be categorized on the three big heading of organizational, physical and human-related aspects, and further investigates the positive and negatives outcomes reported on ABW under these headings. It also discusses how the findings arising from this literature review can inform the post-COVID workplace.

The purpose of this paper is to present an integrative framework for handling the security and usability conflicts during the system development lifecycle. The framework has been formulated while considering key concerns raised after conducting a series of interviews with practitioners from the industry. The framework is aimed at assisting system designers and developers in making reasonably accurate choices when it comes to the trade-offs between security and usability. The outcomes of using the framework are documented as design patterns, which are disseminated among the community of system designers and developers for use in other but similar contexts.

A design science research approach was used to develop the integrative framework for usable security. Interviews were conducted for identification of the key concerns; however, the framework was validated during a workshop. Moreover, to validate the patterns’ template and the usable security pattern identified after instantiating the framework, a survey instrument was used.

It is important to consider the usability aspect in the development of security systems; otherwise, the systems, despite being secure against attacks, would be susceptible to user mistakes leading to compromises. It is worthwhile to handle usable security concerns right from the start of system development life cycle. Design patterns can help the developers in assessing the usability of their security options.

The framework would assist the designers and developers in handling the security and usability conflicts right from the start of the system development life cycle. The patterns documented after using the framework would help not only the designers and developers working in the industry but also freelancers.

The authors present a novel framework to handle the security and usability conflicts during the system development life cycle. The development process of the framework was driven by the concerns raised after a series of interviews with the practitioners from industry. The framework presented in this paper was validated during a workshop in which it was exposed for review and comments by the participants from the industry. To demonstrate the use of patterns in general and the framework in particular, a case study featuring smart grids from the domain of cyber-physical systems is presented, which (to the best of the authors’ knowledge) features the first work relevant to usable security in the domain of cyber-physical systems.

The Nature of Business Policy Business policy — or general management — is concerned with the following six major functions:

The field of knowledge management (KM) is highly estimated in research and practice but at the same time relatively diffuse and scattered into diverging concepts, perspectives and disciplines. On that background, it was the aim of this delphi study to give more structure to the field of KM and to get an outlook on worthwhile developments for the next ten years. International experts of KM from natural/technical and social/business sciences as well as practicians of KM with a similar background were asked some basic questions onto the future of KM in two rounds. According to the experts, the future of knowledge management lies in a better integration into the common business processes, a concentration on the human‐organization‐interface and a better match of IT‐aspects to human factors whereas IT‐aspects rank low on this agenda. There are no broadly agreed theoretical approaches though something can be gained from the related organizational learning field; in general much more interdisciplinary and empirical research is needed. There are also almost no broadly agreed practical approaches besides communities of practice.

The current study aimed to develop and validate Mobile Information Security Awareness Scale (MISAS) based on the prototype model for measuring information security awareness and the relevant literature.

The scale was developed and validated with the participation of 562 students from four universities. The construct validity of the scale was tested through exploratory factor analysis and confirmatory factor analysis.

The reliability of the scale was tested through corrected item-total correlations and Cronbach alpha. The MISAS includes six factors and 17 items. The identified factors were labeled as backup, instant messaging and navigation, password protection, update, access permission and using others' devices.

The scale included only the human aspects of mobile information security. The technical aspects are not within the scope of this study. For this reason, future studies might develop and validate a different scale focusing on the technical aspects of mobile information security.

The developed scale contributes to the literature on the human aspects of mobile information security.

There has been much research and many follow-up recommendations on how to introduce a new electronic human resource management (e-HRM) system to employees in order to avoid or minimize troubles during its implementation. However, implementation projects are known to be time consuming, indirect, and sometimes impulsive developments, leading to a mismatch between the initial ideas behind information technologies and the use in practice, the employees' perceptions and their experience. Paraphrasing Block, I put forward the following question: If I define successful e-HRM as one that is developed on-time and within budget, is reliable and easily maintained, and meets the specified requirements of HR professionals, line managers, and employees — how many organizations would acknowledge having successful e-HRM? (Block, R. (1983). The politics of project. New York: Yourdon Press). This chapter explores lessons from information technology (IT) studies that e-HRM researchers can learn and apply to better understand complex e-HRM implementation projects.

The purpose of this paper is to examine if, and how, investments in IT at different levels can create new product development (NPD) capabilities in terms of IT leveraging competence in NPD and NPD effectiveness. The paper also investigates how Iranian small businesses (SBs) can achieve desired marketing performance through developing these capabilities.

The paper is consistent with the perspective on IT‐enabled organizational capabilities. A questionnaire‐based survey was conducted to collect data from 218 businesses or NPD managers of SBs in Iran.

IT leveraging competence in NPD and NPD effectiveness are valuable key capabilities that transform the value of IT resources to a firm's performance for Iranian SBs. Investments in both technical and human IT resources have positive effects on the development of NPD capabilities, and thus performance in the surveyed SBs.

Among other limitations, relying on a small sample size and cross‐sectional data of this research, and lack of generalizability of findings tend to have certain limitations.

The results suggest that the investments in both technical and human IT resources increase firms' ability to develop effectiveness in NPD. However, IT investments strategy should be aligned with effective use of IT functionalities, as the effect of IT leveraging competence in development of NPD effectiveness is more pronounced. Second, IT leveraging competence in NPD and NPD effectiveness are important intermediate organizational capabilities through which the benefits of both technical and human IT resources are converted into performance effects at the firm level for Iranian SBs.

This case study explores how Iranian SBs can develop NPD capabilities, and subsequently, marketing performance, a topic that has received little attention to date.

The research aims at finding out the extent to which such urban transformation projects—in terms of their design components and aspects—contribute to providing big data (BD) with effective datasets, which are considered a key requirement in operating smart city solutions.

The present research investigates the predisposition level of these projects for supporting the BD through one of the urban initiatives for humanizing neighborhoods in Al Riyadh city (KSA). The selected case is analyzed by mapping the functional performance of its design features with certain characteristics of BD.

One of the core conclusions is: Despite the readiness of the design components of these projects to provide high levels of integration with IoT and smart transformation, the level of application is lower than expected on account of the dearth of initial targets and strategies, especially the lack of a supporting environment, street facilities and security and safety datasets.

The answer—arrived at through both descriptive and analytical approaches—is expected to guide those who query the further key concept of smart applications—is the answer characterized as technologically based, or is the same based on human aspects?