Search results

This paper aims to examine how government continuity planning contributes to strengthening the public sector's emergency preparedness, resulting in enhanced resilience of the public sector. Government continuity plans (GCPs) are a recently focused concept in disaster preparedness, compared to business continuity plans (BCPs) in the private sector. The need for BCPs was widely recognized after the 2011 Great East Japan Earthquake (GEJE) and the 2011 Thailand Floods. However, recent disasters, such as the 2016 Kumamoto Earthquake in Japan, have revealed that local governments without effective GCPs were severely affected by disasters, preventing them from quickly responding to or recovering from disasters. When the GEJE occurred in 2011, only 11% of municipal governments in Japan had GCPs.

The paper analyzes basic principles of government continuity planning using complex adaptive systems (CAS) theory while summarizing recent developments in theory and practice of government continuity planning.

This research investigates the Japanese experience of GCPs using self-organization, one of the concepts of CAS. A GCP will complement regional disaster plans, which often focus on what governments should do to protect citizens during emergencies but fail to outline how governments should prepare for an emergency operation. The study concludes that GCPs contribute to increased resilience among the public sector in terms of robustness, redundancy, resourcefulness and rapidity.

This paper includes implications for the development and improvement of a GCP's operational guideline.

This research fulfills an identified need to investigate the effectiveness of a GCP for resilience in the public sector and how to improve its operation using concepts of CAS.

There is a noticeable confusion in the literature between Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP). The two expressions are very often used interchangeably especially when it comes to their application. In this paper, the differences between business continuity and disaster recovery are discussed. The disaster management cycle is also addressed in order to highlight the importance of having plans before, during and after the occurrence of an incident.

A review of the extant literature on business continuity and disaster recovery was made. A number of different views were then presented in order to provide a better understanding of the two concepts and their potential overlap/connection. The literature review was conducted in 2020 using a variety of academic resources ranging from journal articles to text books and credible Internet websites. Relevant journal articles were obtained from two primary databases: Emerald Insight and EBSCOhost. Keywords, such as DRP, continuity, disruption and BCP, were mainly used to facilitate the search for these resources and other related material.

Reviewing the literature revealed that BCP and DRP are not the same. Yet, they are used interchangeably very often in the literature. This indicates a possible relationship/overlap between the two. The relationship between BCP and DRP can be viewed from a variety of perspectives, which altogether provide a better understanding of their purposes and application.

On top of the need to differentiate between business continuity and disaster recovery, the widespread impact of the current COVID-19 crisis, especially on businesses and supply chains, has unfolded the necessity to deal with business disruptions in all their forms and the significance of quick and effective recovery. This research clarifies the purpose of BCP and the purpose of DRP and their role in combating impacts of disruptive incidents on businesses and organizations.

BCP and DRP are discussed extensively in the literature. Yet, few studies attempted to address the precise functions of the two resulting in an obvious confusion between their meaning and purpose which subsequently reduced the uniqueness of their application and the uniqueness of the application of each. Only a small minority of practitioners and academics recognise the precise differences between the two. This study aims at clarifying this misconception to a wider set of readers and interested parties.

This chapter examines lessons for response gleaned from 70 years of research on human and organizational behavior. These lessons for response are examined in the context of the current homeland security policy environment for national preparedness. This chapter also focuses on implementation steps for current preparedness guidance by law enforcement agencies. It joins research knowledge and policy to inform law enforcement planners in the development of local strategic-, operational-, and tactical-level response plans.

The purpose of this paper is to explore how companies approach the management of cyber and information risks in their supply chain, what initiatives they adopt to this aim, and to what extent along the supply chain. In fact, the increasing level of connectivity is transforming supply chains, and it creates new opportunities but also new risks in the cyber space. Hence, cyber supply chain risk management (CSCRM) is emerging as a new management construct. The ultimate aim is to help organizations in understanding and improving the CSCRM process and cyber resilience in their supply chains.

This research relied on a qualitative approach based on a comparative case study analysis involving five large multinational companies with headquarters, or branches, in the UK.

Results highlight the importance for CSCRM to shift the viewpoint from the traditional focus on companies’ internal information technology (IT) infrastructure, able to “firewall themselves” only, to the whole supply chain with a cross-functional approach; initiatives for CSCRM are mainly adopted to “respond” and “recover” without a well-rounded approach to supply chain resilience for a long-term capacity to adapt to changes according to an evolutionary approach. Initiatives are adopted at a firm/dyadic level, and a network perspective is missing.

This paper extends the current theory on cyber and information risks in supply chains, as a combination of supply chain risk management and resilience, and information risk management. It provides an analysis and classification of cyber and information risks, sources of risks and initiatives to managing them according to a supply chain perspective, along with an investigation of their adoption across the supply chain. It also studies how the concept of resilience has been deployed in the CSCRM process by companies. By laying the first empirical foundations of the subject, this study stimulates further research on the challenges and drivers of initiatives and coordination mechanisms for CSCRM at a supply chain network level.

Results invite companies to break the “silos” of their activities in CSCRM, embracing the whole supply chain network for better resilience. The adoption of IT security initiatives should be combined with organisational ones and extended beyond the dyad. Where applicable, initiatives should be bi-directional to involve supply chain partners, remove the typical isolation in the CSCRM process and leverage the value of information. Decisions on investments in CSCRM should involve also supply chain managers according to a holistic approach.

A supply chain perspective in the existing scientific contributions is missing in the management of cyber and information risk. This is one of the first empirical studies dealing with this interdisciplinary subject, focusing on risks that are now very high in the companies’ agenda, but still overlooked. It contributes to theory on information risk because it addresses cyber and information risks in massively connected supply chains through a holistic approach that includes technology, people and processes at an extended level that goes beyond the dyad.

Several emergency public health issues have a tremendous impact on and rely upon close coordination with law enforcement officials. Most interactions involve law enforcement personnel providing security, crowd control, and/or traffic control during public health related incidents. However, as varied chemical and biological threats have emerged over the years, this interaction has increased to include joint investigations between the two disciplines. Certain biological threats, such as pandemics, pose direct threats to the law enforcement agency operations. Understanding the role of public health in emergencies, the overlapping missions, and the threats at all levels allows law enforcement professionals to better prepare themselves and their organizations for coordinating operations and maintaining continuity of law enforcement services.

The purpose of the paper is to present the findings of a study of factory closure management. It details the sequence and the results of the key strategic manufacturing management decisions made from the time of the announcement of the plant closure to the cessation of operations. The paper also includes an analysis of the human resource management (HRM) actions taken during this same time period and their consequences upon all those involved in the closure management process.

The case study methodology consisted of two initial site visits to monitor closure management effectiveness (adherence to plan and the types and frequency of closure management communications). During these visits, documentary evidence of the impact of the closure decision upon production performance was also collected (manufacturing output and quality performance data). Following plant closure, interviews were held with senior business, production and HRM managers and production personnel. A total of 12 interviews were carried out.

The case study findings have informed the development of a conceptual model of facility closure management. Information obtained from the interviews suggests that the facility closure management process consists of five key management activities. The unexpected announcement of a factory closure can cause behavioural changes similar to those of bereavement, particularly by those employees who are its survivors. In addition, similar reactions to the closure announcement may be displayed by those who choose to remain employed by the factory owner throughout the phased closure of the plant.

Facility closure management is an insufficiently researched strategic operations management activity. This paper details a recommended procedure for its management. A conceptual model has also been developed to illustrate the links between the key facility closure management tasks and the range of employee changes of behaviour that can be induced by their execution.

The purpose of this paper is to analyse the concept of supply chain resilience (SCRES) within a concept mapping framework to seek conceptual clarity, with an emphasis on SCRES definitions, essential elements and managerial practices.

A systematic literature review was conducted of 103 peer-reviewed journal articles from the year 2000 to 2015, with the aim of answering a focus review question.

Through analysis and synthesis of the literature, the study revealed three major constructs used to define SCRES: phases of resilience, resilience strategies and the capabilities needed to be resilient. Emerging from the capabilities construct are five core SCRES capabilities: the ability to anticipate, to adapt, to respond, to recover and to learn. Also, given the need to consolidate the various constructs of SCRES, the study identified 13 essential elements and 84 managerial practices that support firms to achieve the five capabilities, which are then linked to SCRES strategies and phases to establish the connections that provide an integrated view of the concept.

The explorative nature of this study and the role of the concept mapping framework, which does not empirically test the relationships in the model, are considered as limitations, to be addressed by the authors in future research.

The originality of this paper lies in the classification of different features of SCRES through a comprehensive concept mapping framework that establishes relationships and interactions between them. This study, therefore, lays a foundation for testing these connections in future empirical studies. The paper brings together fragmented literature from multiple studies to create a solid body of knowledge that addresses the need for conceptual clarity in SCRES literature.

The business benefits that can be achieved have dominated the considerations as to whether or not to outsource information systems (IS). Very little attention appears to have been given to the compromises in IS security and control that follows such a move. Evaluates the loss in IS security and control when IS outsourcing occurs and proposes a new security framework for such a situation. Under IS outsourcing the emphasis changes from the physical protection of assets to the recovery of these resources, and application controls become less important relative to general controls. To be successful, the security and control framework for IS outsourcing needs to be integrated into the broader relationship that exists with the outsourcing vendor.

The purpose of this paper is to analyze the influence of corporate support programs on managers' environmental and social innovation behaviors. To offer a more comprehensive understanding of these relationships, the moderating role of technological reflectiveness and business moral values is also accounted for.

A scenario-based experimental study to test the impact of corporate support programs on environmental and social innovation behaviors is also adopted. After running a pretest to verify the effectiveness of alternative scenarios through 100 respondents with managerial experience residing in the UK and EU countries, we collected data from a sample of 220 senior managers of firms from the Australian food and beverage industry for the main study. One-way analysis of variance (ANOVA) with Dunnett's test to investigate direct relationships and the PROCESS Model to test the moderating role of technological reflectiveness and business moral values were used.

The findings reveal time provision, budget provision and advice provision as salient forms of corporate support programs that positively impact managers' environmental and social innovation behaviors. It is found that technological reflectiveness positively moderates the link between time provision and managers' social innovation behavior and negatively moderates the link between advice provision and managers' social innovation behavior. Furthermore, it is found that business moral values positively moderate the relationships between time and budget provisions and managers' environmental innovation behavior and between budget and advice provisions and managers' social innovation behavior.

The authors contribute to innovation and operations management research by adopting a behavioral operations management perspective and empirically analyzing the influences of managers' technological reflectiveness and business moral values on the relationship between organizational corporate support programs and managers' environmental and social innovation behavior in the context of the food and beverage industry.

This paper aims to identify and appropriately respond to any socio-technical gaps within organisational information and cybersecurity practices. This culminates in the equal emphasis of both the social, technical and environmental factors affecting security practices.

The socio-technical systems theory was used to develop a conceptual process model for analysing organisational practices in terms of their social, technical and environmental influence. The conceptual process model was then applied to specifically analyse some selected information and cybersecurity frameworks. The outcome of this exercise culminated in the design of a socio-technical systems cybersecurity framework that can be applied to any new or existing information and cybersecurity solutions in the organisation. A framework parameter to help continuously monitor the mutual alignment of the social, technical and environmental dimensions of the socio-technical systems cybersecurity framework was also introduced.

The results indicate a positive application of the socio-technical systems theory to the information and cybersecurity domain. In particular, the application of the conceptual process model is able to successfully categorise the selected information and cybersecurity practices into either social, technical or environmental practices. However, the validation of the socio-technical systems cybersecurity framework requires time and continuous monitoring in a real-life environment.

This research is beneficial to chief security officers, risk managers, information technology managers, security professionals and academics. They will gain more knowledge and understanding about the need to highlight the equal importance of both the social, technical and environmental dimensions of information and cybersecurity. Further, the less emphasised dimension is posited to open an equal but mutual security vulnerability gap as the more emphasised dimension. Both dimensions must, therefore, equally and jointly be emphasised for optimal security performance in the organisation.

The application of socio-technical systems theory to the information and cybersecurity domain has not received much attention. In this regard, the research adds value to the information and cybersecurity studies where too much emphasis is placed on security software and hardware capabilities.