Search results

This paper presents a method for adapting an Information Security Focus Area Maturity (ISFAM) model to the organizational characteristics (OCs) of a small- and medium-sized enterprise (SME) cluster. The purpose of this paper is to provide SMEs with a tailored maturity model enabling them to capture and improve their information security capabilities.

Design Science Research was followed to design and evaluate the method as a design artifact.

The method has successfully been used to adapt the ISFAM model to a group of SMEs within a regional cluster resulting in a model that is aligned with the OCs of the cluster. Areas for further investigation and improvements were identified.

The study is based on applying the proposed method for the SMEs active in the transport, logistics and packaging sector in the Port of Rotterdam. Future research can focus on different sectors and regions. The method can be used for adapting other focus area maturity models.

The resulting adapted maturity model can facilitate the creation and further development of a base of common or shared knowledge in the cluster. The adapted maturity model can cut the cost of over implementation of information security capabilities for the SMEs with scarce resources.

The resulting adapted maturity model can facilitate the creation and further development of a base of common or shared knowledge in the cluster. The adapted maturity model can cut the cost of over implementation of information security capabilities for the SMEs with scarce resources.

This paper aims to provide a maturity model for information security awareness (MMISA), based on the literature, expert interviews and feedback. In addition to developing the MMISA, the authors investigate the role of the three decisive factors that affect ISA maturity level: risk management mechanism, organizational structure and ISA.

The research methodology is a combined one; qualitative and quantitative methods were applied, including surveying the literature, interviews and developing a survey to collect quantitative data about decisive factors that affect ISA maturity level. The authors perform a variance-based partial least squares-structural equation modeling (PLS-SEM) investigation of the relationships between these factors.

The investigation of decisive factors of ISA maturity levels revealed that if the authors identify a strong risk assessment mechanism (through a documented methodology and reliable results), the authors can expect a high level of ISA. If there is a well-defined organizational structure with clear responsibilities, this supports the linking of a risk management mechanism with the level of ISA. The connection between organizational structure and ISA maturity level is supported by ISA activities: an increased level of awareness actions strengthens an organizational structure via the best practices learned by the staff.

The main contribution of the proposed MMISA model is that the model offers controls and audit evidence for maturity levels. Beyond that, the authors distinguish in the MMISA model controls supporting knowledge and controls supporting attitude, emphasizing that this is not enough to know what to do, but the proper attitude is required too. The authors didn't find any other ISA maturity model which has a similar feature. The contribution of the authors' work is that the authors provide a method for solving this complex measurement problem via the MMISA, which also offers direct guidance for the daily practices of organizations.

Insufficient productivity development in the global and Finnish infrastructure sectors indicates that there are challenges in genuinely achieving the goals of resource efficiency and digitalization. This study adapts the approach of capability maturity model integration (CMMI) for examining the capabilities for productivity development that reveal the enablers of improving productivity in the infrastructure sector.

Civil engineering in Finland was selected as the study area, and a qualitative research approach was adopted. A novel maturity model was constructed deductively through a three-step analytical process. Previous research literature was adapted to form a framework with maturity levels and key process areas (KPAs). KPA attributes and their maturity criteria were formed through a thematic analysis of interview data from 12 semi-structured group interviews. Finally, validation and refinement of the model were performed with an expert panel.

This paper provides a novel maturity model for examining and enhancing the infrastructure sector’s maturity in productivity development. The model brings into discussion the current business logics, relevance of lifecycle-thinking, binding targets and outcomes of limited activities in the surrounding infrastructure system.

This paper provides a new approach for pursuing productivity development in the infrastructure sector by constructing a maturity model that adapts the concepts of CMMI and change management. The model and findings benefit all actors in the sector and provide an understanding of the required elements and means to achieve a more sustainable built environment and effective operations.

Recent research outputs can be difficult to implement into ongoing safety critical processes. Hence, research is well beyond current practices in railway asset management. This paper demonstrates the process of creating tangible change within a railway asset management organization by introducing a framework for advancing track geometry deterioration analyses (TGDA) in practice.

The research was conducted in three parts: (1) maturity models were reviewed and adapted as the basis for the framework, (2) the initial maturity level was investigated by conducting semi-structured expert interviews, and (3) a framework for development was created in cooperation with stakeholders during three workshops. The methodology and findings were tested and applied in the Finnish state rail network asset management.

The main output of this study is the framework for advancing TGDA in railway asset management. The novel framework provides structure for controlled incremental development, which is essential when altering a safety critical process.

The research process was successfully applied in Finland. Following the steps presented in this article, any organization can apply the framework to plan their development schemes for railway asset management.

Full-scale implementation of novel models and methods is often overlooked, which prevents practical asset management from obtaining tangible benefits from research. This research provides an innovative approach in narrowing the overlooked research gap and brings research results within the reach of practitioners.

The purpose of this paper is to understand the association between the capacity to use enterprise architecture tools and the effectiveness of business model digitalization in companies.

The authors used two research strategies – survey and focus group – to analyze the relationship between maturity in using enterprise architecture (EA) and digital maturity, under the perspective of sociomateriality.

The use of EA is not a strategic competence that contributes to building sustainable competitive advantage, in the process of business model digitalization. On the other hand, top management’s determination and clarity, expressed by its sponsorship to communicating the strategy, contribute to the integration, engagement and adaptability of those involved and are responsible for higher maturity in the digitalization of business models.

The statistical treatment used does not allow understanding the causality between the variables.

It provides executives with important elements for clarifying and operationalizing digital business models.

The study operationalizes a theoretical and measurement model, through a strategy that used simultaneously a survey and a focus group, which allowed to know associations between technological capacities and maturity in digital business models.

A globalized world demands proactive tactics from organizational supply chains. Companies should be capable of mitigating the impacts of natural and manmade disasters, which requires that they understand their stages of maturity and resilience. This study develops a theoretical model of the relationship between maturity and resilience, seeking to guide decision-making about aligning these two concepts.

A systematic literature review was conducted to identify the constructs that form the basis for our proposed maturity and resilience model.

The authors identified the key constructs related to maturity and resilience by analyzing the existing literature and selected 13 constructs and 3 maturity stages to construct our maturity and resilience model.

This research contributes to the supply chain management literature, especially that involving the themes of maturity and resilience. It can encourage research to develop future empirical research in the field to validate and overcome the limitations of the initial model the authors propose.

The authors’ proposed model supports supply chain managers in establishing strategies to increase resilience based on the maturity of the chains they manage, enabling them to face crises such as the coronavirus disease 2019 (COVID-19) pandemic.

The model presents a holistic view of maturity and resilience in supply chains contributing to supply chain theory by examining the alignment between the two themes.

This study aims to develop a systematic method called servitization maturity model to support companies in developing distinctive capabilities for successful servitization.

The concept of maturity models is adopted to support companies in developing distinctive capabilities for servitization. A systematic literature review and case study approach are employed to develop the maturity model.

The findings highlight 46 capabilities classified into seven categories: strategy and leadership, performance, offerings, customers, organization, network and digital technology. Furthermore, the evolutionary path is defined by combining two types of levels, i.e. capability and maturity levels, to develop these capabilities.

The evolutionary path was partially validated through the application, while further investigation is required to validate the evolutionary path. Therefore, future research should investigate the further validation of the evolutionary path by conducting multiple case studies.

The proposed maturity model enables companies to not only capture the bigger picture of the required capabilities without oversight, but also determine a process for improving the requisite capabilities with feasible efforts.

Existing maturity models focused on the transition from less to more advanced services. However, recent studies emphasized that companies need to determine strategies that reflect their capabilities rather than simply move toward more advanced services. Based on this assumption, this study provides successive stages that enable companies to improve their capabilities through feasible efforts.

This study aims to investigate three relevant antecedents of digital transformation (digital orientation, digital intensity and digital maturity) and their influences on the financial success of companies.

Building on the strategic management and digital transformation literature, five hypotheses are developed to find the relationships between these antecedents and financial success.

Digital orientation and digital intensity alone do not contribute to the financial success of companies. Specifically, digital intensity serves as a negative moderator between digital orientation and financial success, meaning that it reduces the performance effects of digital orientation. Digital maturity acts as a mediator between digital orientation and the financial success of companies and between digital intensity and the financial success of companies.

This research contributes to the literature on strategic management and digital transformation by providing a further understanding of three relevant antecedents of digital transformation (digital orientation, digital intensity and digital maturity) and how they should be positioned alongside digital transformation settings to achieve financial success.

The purpose of this paper is to define the integration capability dimensions and create a model for self-assessing the integration capability in inter-organizational projects.

A theoretical construct of, referred in this study as integration capability framework is elaborated following a systematic literature review. Thereafter, an integration capability self-assessment model, based on maturity thinking, is derived from the theoretical framework. The self-assessment model is further developed and tested for validity within five inter-organizational project networks in cooperation with industry practitioners, representing construction, industrial engineering, and mining sectors.

The results show that inter-organizational projects can use the developed model in self-assessing the maturity levels of various integration mechanisms, thus the state of integration capability at any point in time during inter-organizational projects.

This study is an attempt to identify how the integration capability dimensions can be self-assessed in inter-organizational projects, through the maturity levels of various integration mechanisms. The results offer insights for both academics and project management practitioners.

Information systems' security is more critical than ever before since security threats are rapidly growing. Before putting in place information systems' security measures, organizations are required to determine the maturity level of their information security governance. Literature review reveals that there is no recent study on information systems' security maturity level of banks in Ethiopia. This study thus seeks to measure the existing maturity level and examine the security gaps in order to propose possible changes in Ethiopian private banking industry's information system security maturity indicators.

Four private banks are selected as a representative sample. The system security engineering capability maturity model (SSE-CMM) is used as the maturity measurement criteria, and the measurement was based on ISO/IEC 27001 information security control areas. The data for the study were gathered using a questionnaire.

A total of 93 valid questionnaires were gathered from 110 participants in the study. Based on the SSE-CMM maturity model assessment criteria the private banking industry's current maturity level is level 2 (repeatable but intuitive). Institutions have a pattern that is repeated when completing information security operations but its existence was not thoroughly proven and institutional inconsistency still exists.

This study seeks to measure the existing maturity level and examine the security gaps in order to propose possible changes in Ethiopian private banking industry's information system security maturity indicators. This topic has not been attempted previously in the context of Ethiopian financial sector.