Search results

This paper aims to investigate how congruent keywords are used in information security policies (ISPs) to pinpoint and guide clear actionable advice and suggest a metric for measuring the quality of keyword use in ISPs.

A qualitative content analysis of 15 ISPs from public agencies in Sweden was conducted with the aid of Orange Data Mining Software. The authors extracted 890 sentences from these ISPs that included one or more of the analyzed keywords. These sentences were analyzed using the new metric – keyword loss of specificity – to assess to what extent the selected keywords were used for pinpointing and guiding actionable advice. Thus, the authors classified the extracted sentences as either actionable advice or other information, depending on the type of information conveyed.

The results show a significant keyword loss of specificity in relation to pieces of actionable advice in ISPs provided by Swedish public agencies. About two-thirds of the sentences in which the analyzed keywords were used focused on information other than actionable advice. Such dual use of keywords reduces the possibility of pinpointing and communicating clear, actionable advice.

The suggested metric provides a means to assess the quality of how keywords are used in ISPs for different purposes. The results show that more research is needed on how keywords are used in ISPs.

The authors recommended that ISP designers exercise caution when using keywords in ISPs and maintain coherency in their use of keywords. ISP designers can use the suggested metrics to assess the quality of actionable advice in their ISPs.

The keyword loss of specificity metric adds to the few quantitative metrics available to assess ISP quality. To the best of the authors’ knowledge, applying this metric is a first attempt to measure the quality of actionable advice in ISPs.

This paper aims to investigate the impact of corporate dividend policy on the capital structure in the Korean stock market. To distinctly discern the voluntariness of changes in corporate dividend policy, we analyze companies that, following a substantial increase, do not reduce dividends for the subsequent two years or, after a significant decrease, do not raise dividends for the following two years. Our empirical findings indicate that companies that increase dividends experience a significant decrease in both book and market leverage, even after controlling for variables such as target leverage ratios. This result suggests that a large increase in dividends can effectively reduce information asymmetry, leading to a lower cost of equity. On the contrary, after a decrease in dividends, both book leverage and market leverage significantly increase, revealing a symmetric relationship between dividend policy and capital structure. In conclusion, large dividend increases in Korean companies not only reduce information asymmetry but also lower the cost of equity capital, resulting in observable changes in the leverage ratio.

With the worldwide open government data (OGD) movement and frequent public health emergencies in recent years, academic research on OGD for public health emergencies has been growing. However, it is not fully understood how to promote OGD on public health emergencies. Therefore, this paper aims to explore the factors that influence OGD on public health emergencies.

The technology–organization–environment framework is applied to explore factors that influence OGD during COVID-19. It is argued that the effects of four key factors – technical capacity, organizational readiness, social attention and top-down pressure – are contingent on the severity of the pandemic. A unique data set was created by combining multiple data sources which include archival government data, a survey of 1,034 Chinese respondents during the COVID-19 outbreak and official COVID-19 reports.

The data analysis indicates that the four factors positively affect OGD, and pandemic severity strengthens the effects of technical capacity, organizational readiness and social attention on OGD.

This study provides theoretical insights regarding how to improve OGD during public health emergencies, which can guide government efforts in sharing data with the public when dealing with outbreak in the future.

This pan-Canadian study examines the information practices of STEM-trained immigrant women to Canada as they navigate workfinding and workplace integration. Our study focuses on a population of highly skilled immigrant women from across Canada and uses an information practice lens to examine their lived experiences of migration and labour market integration. As highly trained STEM professionals in pursuit of employment, our participants have specific needs and challenges, and as we explore these, we consider the intersection of their information practices with government policies, settlement services and the hiring practices of STEM employers.

We conducted a qualitative study using in-depth interviews with 74 immigrant women across 13 Canadian provinces and territories to understand the nature of their engagement with employment-seeking in STEM sectors. This article reports the findings related to the settlement and information experiences of the immigrant women as they navigate new information landscapes.

As immigrants, as women and as STEM professionals, the experiences of the 74 participants reflect both marginality and privilege. The reality of their intersectional identities is that these women may not be well-served by broader settlement resources targeting newcomers, but neither are the specific conventions of networking and job-seeking in the STEM sectors in Canada fully apparent or accessible to them. The findings also point to the broader systemic and contextual factors that participants have to navigate and that shape in a major way their workfinding journeys.

The findings of this pan-Canadian study have theoretical and practical implications for policy and research. Through interviews with these STEM professionals, we highlight the barriers and challenges of an under-studied category of migrants (the highly skilled and “desirable” type of immigrants). We provide a critical discussion of their settlement experiences and expose the idiosyncrasies of a system that claims to value skilled talent while structurally making it very difficult to deliver on its promises to recruit and retain highly qualified personnel. Our findings point to specific aspects of these skilled professionals’ experiences, as well as the broader systemic and contextual factors that shape their workfinding journey.

A research line has emerged that is concerned with investigating human factors in information systems and cyber-security in organizations using various behavioural and socio-cognitive theories. This study aims to explore human and contextual factors influencing cyber security behaviour in organizations while drawing implications for cyber-security in higher education institutions.

A systematic literature review has been implemented. The reviewed studies have revealed various human and contextual factors that influence cyber-security behaviour in organizations, notably higher education institutions.

This review study offers practical implications for constructing and keeping a robust cyber-security organizational culture in higher education institutions for the sustainable development goals of cyber-security training and education.

The value of the current review arises in that it presents a comprehensive account of human factors affecting cyber-security in organizations, a topic that is rarely investigated in previous related literature. Furthermore, the current review sheds light on cyber-security in higher education from the weakest link perspective. Simultaneously, the study contributes to relevant literature by gaining insight into human factors and socio-technological controls related to cyber-security in higher education institutions.

This paper aims to understand the current development situation of scientific data management policy in China, analyze the content structure of the policy and provide a theoretical basis for the improvement and optimization of the policy system.

China's scientific data management policies were obtained through various channels such as searching government websites and policy and legal database, and 209 policies were finally identified as the sample for analysis after being screened and integrated. A three-dimensional framework was constructed based on the perspective of policy tools, combining stakeholder and lifecycle theories. And the content of policy texts was coded and quantitatively analyzed according to this framework.

China's scientific data management policies can be divided into four stages according to the time sequence: infancy, preliminary exploration, comprehensive promotion and key implementation. The policies use a combination of three types of policy tools: supply-side, environmental-side and demand-side, involving multiple stakeholders and covering all stages of the lifecycle. But policy tools and their application to stakeholders and lifecycle stages are imbalanced. The development of future scientific data management policy should strengthen the balance of policy tools, promote the participation of multiple subjects and focus on the supervision of the whole lifecycle.

This paper constructs a three-dimensional analytical framework and uses content analysis to quantitatively analyze scientific data management policy texts, extending the research perspective and research content in the field of scientific data management. The study identifies policy focuses and proposes several strategies that will help optimize the scientific data management policy.

In the online environment, consumers increasingly feel vulnerable due to firms’ expanding capabilities of collecting and using their data in an unsanctioned manner. Drawing from gossip theory, this research focuses on two key suppressors of consumer vulnerability: transparency and control. Previous studies conceptualize transparency and control from rationalistic approaches that overlook individual experiences and present a unidimensional conceptualization. This research aims to understand how individuals interpret transparency and control concerning privacy vulnerability in the online environment. Additionally, it explores strategic approaches to communicating the value of transparency and control.

An interpretivism paradigm and phenomenology were adopted in the research design. Data were collected through semi-structured interviews with 41 participants, including consumers and experts, and analyzed through thematic analysis.

The findings identify key conceptual dimensions of transparency and control by adapting justice theory. They also reveal that firms can communicate assurance, functional, technical and social values of transparency and control to address consumer vulnerability.

This research makes the following contributions to the data privacy literature. The findings exhibit multidimensional and comprehensive conceptualizations of transparency and control, including user, firm and information perspectives. Additionally, the conceptual framework combines empirical insights from both experiencers and observers to offer an understanding of how transparency and control serve as justice mechanisms to effectively tackle the issue of unsanctioned transmission of personal information and subsequently address vulnerability. Lastly, the findings provide strategic approaches to communicating the value of transparency and control.

The human factor is the most important defense asset against cyberattacks. To ensure that the human factor stays strong, a cybersecurity culture must be established and cultivated in a company to guide the attitudes and behaviors of employees. Many cybersecurity culture frameworks exist; however, their practical application is difficult. This paper aims to demonstrate how an established framework can be applied to determine and improve the cybersecurity culture of a company.

Two surveys were conducted within eight months in the internal IT department of a global software company to analyze the cybersecurity culture and the applied improvement measures. Both surveys comprised the same 23 questions to measure cybersecurity culture according to six dimensions: cybersecurity accountability, cybersecurity commitment, cybersecurity necessity and importance, cybersecurity policy effectiveness, information usage perception and management buy-in.

Results demonstrate that cybersecurity culture maturity can be determined and improved if accurate measures are derived from the results of the survey. The first survey showed potential for improving the dimensions of cybersecurity accountability, cybersecurity commitment and cybersecurity policy effectiveness, while the second survey proved that these dimensions have been improved.

This paper proves that practical application of cybersecurity culture frameworks is possible if they are appropriately tailored to a given organization. In this regard, scientific research and practical application combine to offer real value to researchers and cybersecurity executives.

Post-Sarbanes Oxley Act (SOX), the audit committee has been empowered greatly to play a central role in the corporate governance of firms. Embedded in agency theory, this study aims to examine the effect of the audit committee on the likelihood by firms to pay dividends.

The study population is US firms in the Institutional Shareholder Services (ISS) database from 2007 to 2018. The authors apply the multivariate logit fixed-effect regression for the analyses after conducting the appropriate statistical tests.

From the results of the research model, the authors find that there is a positive relationship between the size and gender diversity of the audit committee and the propensity to pay dividends suggesting that a larger audit committee with substantial women representation improve the information environment in firms leading to higher dividend distribution. The extent of busyness of the audit committee impacts negatively on the propensity to pay dividends. The results are driven by high-performing firms and not driven by specific levels of firm size.

The findings of the study give impetus to the audit committee as an important component of the corporate governance mechanism that advances the interest of stakeholders. Thus, efforts that seeks to promote the audit committee’s resourcefulness must be embraced by all stakeholders.

To the best of the authors’ knowledge, this study is the first to focus on audit committee and dividend payout policy of US firms post-SOX. The study demonstrates how the audit committee characteristics including its size, gender diversity and busyness affect dividend policy by mitigating information asymmetry problems.

Ethiopia has enacted laws on transparency and disclosure of information in state-owned enterprises (SOEs). However, these laws are not strict enough, with the transparency and disclosure practices disappointing in the country. Thus, this study aims to investigate the legal framework governing transparency and disclosure in SOEs.

This study uses doctrinal, qualitative and comparative approaches. Domestic legal texts are appraised based on the organization for economic co-operation and development Guideline on Corporate Governance of State-owned Enterprises, the World Bank Toolkit on Corporate Governance of State-owned Enterprises and best national practices. This approach has been further corroborated by qualitative analysis of the basic principles of transparency and disclosure.

The finding reveals that the laws on transparency and disclosure do not comply with global practices and are inadequate to ensure transparency and discourse in SOEs. They fail to establish appropriate disclosure frameworks and practices at the SOE and state-ownership entity levels. They also indiscriminately subject enterprises to multiple auditing functions and conflicting responsibilities.

To the author’s knowledge, this study is the first legal literature on transparency and disclosure in Ethiopian SOEs. This study assists the state as owner in reforming the laws and uplifting SOEs from their current unpleasant condition. It can also become a reference for future research.