Search results
1 – 10 of over 211000Thai Pham and Farkhondeh Hassandoust
Information security (InfoSec) policy violations are of great concern to all organisations worldwide, especially in the financial industry. Although the importance of InfoSec…
Abstract
Purpose
Information security (InfoSec) policy violations are of great concern to all organisations worldwide, especially in the financial industry. Although the importance of InfoSec policy has been highlighted for many decades, InfoSec breaches still occur due to a low level of employee compliance and a lack of engagement and competence in high-level management. However, previous studies have primarily investigated the behavioural aspects of InfoSec policy compliance at the individual level rather than the managerial factors involved in constructing InfoSec policy and developing its effectiveness. Thus, drawing on neo-institutional theory and a transformational leadership framework, this research investigated the influence of external mechanisms and transformational leadership on InfoSec policy effectiveness.
Design/methodology/approach
The research model was implemented using field survey data from professional managers in the financial sector.
Findings
The results reported that neo-institutional mechanisms and transformational leadership shape InfoSec policy effectiveness in an organisation.
Originality/value
This study broadens current InfoSec policy research from an individual level to a managerial perspective and enhances the existing literature on neo-institutional and transformational leadership in the context of InfoSec. It highlights the need to evaluate InfoSec policy based on external factors and to support transformational leadership styles that promote InfoSec policy enforcement and effectiveness.
Details
Keywords
Elham Rostami, Fredrik Karlsson and Ella Kolkowska
The purpose of this paper is to survey existing information security policy (ISP) management research to scrutinise the extent to which manual and computerised support has been…
Abstract
Purpose
The purpose of this paper is to survey existing information security policy (ISP) management research to scrutinise the extent to which manual and computerised support has been suggested, and the way in which the suggested support has been brought about.
Design/methodology/approach
The results are based on a literature review of ISP management research published between 1990 and 2017.
Findings
Existing research has focused mostly on manual support for managing ISPs. Very few papers have considered computerised support. The entire complexity of the ISP management process has received little attention. Existing research has not focused much on the interaction between the different ISP management phases. Few research methods have been used extensively and intervention-oriented research is rare.
Research limitations/implications
Future research should to a larger extent address the interaction between the ISP management phases, apply more intervention research to develop computerised support for ISP management, investigate to what extent computerised support can enhance integration of ISP management phases and reduce the complexity of such a management process.
Practical implications
The limited focus on computerised support for ISP management affects the kind of advice and artefacts the research community can offer to practitioners.
Originality/value
Today, there are no literature reviews on to what extent computerised support the ISP management process. Findings on how the complexity of ISP management has been addressed and the research methods used extend beyond the existing knowledge base, allowing for a critical discussion of existing research and future research needs.
Details
Keywords
Looks at the 2000 Employment Research Unit Annual Conference held at the University of Cardiff in Wales on 6/7 September 2000. Spotlights the 76 or so presentations within and…
Abstract
Looks at the 2000 Employment Research Unit Annual Conference held at the University of Cardiff in Wales on 6/7 September 2000. Spotlights the 76 or so presentations within and shows that these are in many, differing, areas across management research from: retail finance; precarious jobs and decisions; methodological lessons from feminism; call centre experience and disability discrimination. These and all points east and west are covered and laid out in a simple, abstract style, including, where applicable, references, endnotes and bibliography in an easy‐to‐follow manner. Summarizes each paper and also gives conclusions where needed, in a comfortable modern format.
Details
Keywords
Michael Barzelay, Francisco Gaetani, Juan Carlos Cortázar Velarde and Guillermo Cejudo
This chapter presents a conceptual framework and methodological guide for researching the process of public management policy change in the Latin America region. It provides an…
Abstract
This chapter presents a conceptual framework and methodological guide for researching the process of public management policy change in the Latin America region. It provides an explicit the methodological approach for case study research on this topic. The focus on the Latin America region is due to the sponsorship of the Inter-American Development Bank, which desired an explicit methodological guide for conducting research on public sector management reform. While the chapter is specifically geared to this purpose, it also exhibits a distinctive general approach to a large class of case study research designs. This class includes instrumental case study research about processes, incorporating variants that are rich in narrative, explicit in their explanatory framework, and comparative (Barzelay, 2002).
This paper analyzes what factors drive a company’s decision to align financial and management accounting policies as a measure of integration of management accounting and…
Abstract
Purpose
This paper analyzes what factors drive a company’s decision to align financial and management accounting policies as a measure of integration of management accounting and financial accounting at the highest hierarchy levels of a company.
Methodology/approach
Research hypotheses for six different determinants are developed: company size, number of operating segments and subsidiaries, internationality of the business, business strategy, company life cycle stage, and leverage. The hypotheses are tested using International Financial Reporting Standards 8 (IFRS 8) segment report data from a large sample of 175 German publicly listed companies.
Findings
A higher internationality of the business causes companies to choose a lower degree of integration. Companies with a prospector (defender) strategy choose a lower (higher) degree of integration. Companies in later life cycle stages and with higher leverage choose a lower degree of integration as well. Company size does not impact integration.
Practical implications
Companies have to decide whether, and to what extent, to integrate financial and management accounting and align the two sets of accounting policies. German companies have traditionally kept the two sets separate. As the research reported in this paper sheds light on when companies do not consider integration to be beneficial, it is useful for practitioners.
Originality/value
The legal reporting requirements in Germany as well as German accounting traditions make the German setting particularly suited for examining the integration of management accounting and financial accounting. Using the number of adjustments to financial accounting policies made for management accounting purposes is a novel approach, and the number of adjustments is a more fine-grained measure of integration at the highest hierarchy levels of a company than the measures used in prior literature.
Details
Keywords
Jude Ndzifon Kimengsi and Richard Achia Mbih
Surging natural disasters globally has precipitated renewed interests in disaster risk management. Though several global and regional disaster risk management policy frameworks…
Abstract
Surging natural disasters globally has precipitated renewed interests in disaster risk management. Though several global and regional disaster risk management policy frameworks have been put in place, it is necessary to evaluate their successes and capacities to deliver. This chapter reviews key disaster management frameworks, particularly the Yokohama Strategy, the Hyogo Framework for Action and the Sendai Framework for Disaster Risk Reduction. It examines the extent to which these policies shaped Africa’s regional disaster risk management processes, with an emphasis on sub-Saharan Africa (SSA). Through documentary analysis and scientific literature review, this chapter identifies key parameters that shaped SSA’s disaster risk reduction (DRR) processes and their implications for DRR policy instruments and impact studies. The analysis reveals a number of findings. First, the roll-out process of global disaster reduction and management policy processes and instruments is yet to optimally impact SSA, in terms of effective disaster management. Second, a more comprehensive understanding of the magnitude and severity of natural disasters could contribute to stem the damages linked to their occurrence. This is yet to be achieved. Third, paradigm shifts towards fully appreciating underlying disaster risk factors and manifestations could potentially support the practical drift from disaster coping and management towards risk identification, reduction and resilience building in SSA. Finally, instruments that prioritise capacity building (such as extension services training, research and development, information and communication), organisational governance, sustainable financing and technology, still relatively weak in SSA, should be stepped up to promote DRR capacities and strategies.
Details
Keywords
This study aims to investigate how a policy framework can be applied in the use of artificial intelligence (AI) for the management of records at the Council for Scientific and…
Abstract
Purpose
This study aims to investigate how a policy framework can be applied in the use of artificial intelligence (AI) for the management of records at the Council for Scientific and Industrial Research (CSIR) in South Africa. A policy and legal framework enables the records divisions to protect, administer and make their records available in a safe and professional way. Policies play a crucial role in ensuring that records are properly managed.
Design/methodology/approach
Convergent mixed-methods research was conducted, and data were collected using interviews and questionnaires. Data were analysed thematically and statistically and presented in tables and figures.
Findings
The study reveals that the policy framework should also include the application of AI for the management of records. Therefore, this study further concludes that the CSIR should review their policy framework to ensure the application of AI for the management of records is accommodated.
Originality/value
The study proposed a framework to guide the application of the policy framework in using AI for the management of records at CSIR. It is hoped that the proposed framework will serve as a guideline for the implementation of a policy framework in the utilisation of AI in the archives and records management sector.
Details
Keywords
Management industrial relations policy and management style are examined in a panel of 50 highly unionised companies between 1979 and 1991. Management policy in panel firms in…
Abstract
Management industrial relations policy and management style are examined in a panel of 50 highly unionised companies between 1979 and 1991. Management policy in panel firms in 1979 was relatively uniform, centred upon collective bargaining and the closed shop. A much broader spectrum of policies was evident in 1991, although collective bargaining was retained as part of the policy‐making framework in the large majority of companies. A minority of firms had either a strategic planning or financial control management style, which may be associated with tighter regulation of industrial relations. The majority had a strategic control style, the effects of which were more ambiguous.
Details
Keywords
Rashmi Anand, Sanjay Medhavi, Vivek Soni, Charru Malhotra and D.K. Banwet
Digital India, the flagship programme of Government of India (GoI) originated from National e-Governance Project (NeGP) in the year 2014. The programme has important aspect of…
Abstract
Purpose
Digital India, the flagship programme of Government of India (GoI) originated from National e-Governance Project (NeGP) in the year 2014. The programme has important aspect of information security and implementation of IT policy which supports e-Governance in a focused approach of Mission Mode. In this context, there is a need to assess situation of the programme which covers a study of initiatives and actions taken by various actor involved and processes which are responsible for overall e-Governance. Therefore, the purpose of this case study is to develop a Situation-Actor-Process (SAP), Learning-Action-Performance (LAP) based inquiry model to synthesize situation of information security governance, IT policy and overall e-Governance.
Design/methodology/approach
In this case study both systematic inquiry and matrices based SAP-LAP models are developed. Actors are classified who are found responsible and engaged in IT policy framing, infrastructure development and also in e-Governance implementation. Based on a synthesis of SAP components, various LAP elements were then synthesized then which further led to learning from the case study. Suitable actions and performance have also been highlighted, followed by a statement of the impact of the efficacy i.e. transformation of information security, policy and e-Governance on the Digital India programme.
Findings
On developing the SAP-LAP framework, it was found that actors like the Ministry of Electronics and Information Technology of the Govt. of India secures a higher rank in implementing various initiatives and central sector schemes to accelerate the agenda of e-Governance. Actions of other preferred actors include more investments in IT infrastructure, policy development and a mechanism to address cyber security threats for effective implementation of e-Governance. It was found that actors should be pro-active on enhancing technical skills, capacity building and imparting education related to ICT applications and e-Governance. Decision making should be based on the sustainable management practices of e-Governance projects implementation to manage change, policy making and the governmental process of the Indian administration and also to achieve Sustainable Development Goals by the Indian economy.
Research limitations/implications
The SAP-LAP synthesis is used to develop the case study. However, few other qualitative and quantitative multi criteria decision making approaches could also be explored for the development of IT security based e-Governance framework in the Indian context.
Practical implications
The synthesis of SAP leads to LAP components which can bridge the gaps between information security, IT policy governance and e-Governance process. Based on the learning from the Situation, it is said that the case study can provide decision making support and has impact on the e-Governance process i.e. may enhance awareness about e-services available to the general public. Such work is required to assess the transparency and accountability on the Government.
Social implications
Learning based on the SAP-LAP framework could provide decision making support to the administrators, policy makers and IT sector stakeholders. Thus, the case study would further help in addressing the research gaps, accelerating e-Governance initiatives and in capturing cyber threats.
Originality/value
The SAP-LAP model is found as an intuitive approach to analyze the present status of information security governance, IT policy and e-Governance in India in a single unitary model.
Details
Keywords
Bryna Sanger and Martin A. Levin
The recent Childhood Immunization Initiative of the Clinton Administration was a dramatic and ambitious policy response to what we will show is a case of significant management…
Abstract
The recent Childhood Immunization Initiative of the Clinton Administration was a dramatic and ambitious policy response to what we will show is a case of significant management and implementation failure. Interpreted by the Administration as a policy failure, low rates of early childhood immunization met with an aggressive and targeted policy response which ultimately diverted attention away from significant evidence of fundamental problems of service delivery, infrastructure, and parental knowledge and behavior. Analyzes and seeks to evaluate the reasons for the poor fit between the diagnosis of the problem of existing childhood immunization policy and the ultimate policy prescription of the Clinton Administration which relies almost exclusively on reducing the price of vaccines.