Search results
1 – 10 of 16Hamada Elsaid Elmaasrawy and Omar Ikbal Tawfik
This paper aims to examine the impact of the assurance and advisory role of internal audit (ADRIA) on organisational, human and technical proactive measures to enhance…
Abstract
Purpose
This paper aims to examine the impact of the assurance and advisory role of internal audit (ADRIA) on organisational, human and technical proactive measures to enhance cybersecurity (CS).
Design/methodology/approach
The questionnaire was used to collect data for 97 internal auditors (IAu) from the Gulf Cooperation Council countries. The authors used partial least squares (PLS) to test the hypotheses.
Findings
The results show a positive effect of the ADRIA on each of the organisational proactive measures, human proactive measures and technical proactive measures to enhance CS. The study also found a positive effect of the confirmatory role of IA on both human proactive measures and technical proactive measures to enhance CS. No effect of the confirmatory role of IA on the organisational proactive measures is found.
Research limitations/implications
This study focused on only three proactive measures to enhance CS, and this study was limited to the opinions of IAu. In addition, the study was limited to using regression analysis according to the PLS method.
Practical implications
The results of this study show that managers need to consider the influential role of IA as a value-adding activity in reducing CS risks and activating proactive measures. Also, IAu must expand its capabilities, skills and knowledge in CS auditing to provide a bold view of cyber threats. At the same time, the institutions responsible for preparing IA standards should develop standards and guidelines that help IAu to play assurance and advisory roles.
Originality/value
To the best of the authors’ knowledge, this is the first study of its kind that deals with the impact of the assurance and ADRIA on proactive measures to enhance CS. In addition, the study determines the nature of the advisory role and the assurance role of IA to strengthen CS.
Details
Keywords
Tri Widianti, Himma Firdaus and Tri Rakhmawati
This study aims to evaluate performance and map the science of research on International Organization for Standardization (ISO) 31000 standard through published articles…
Abstract
Purpose
This study aims to evaluate performance and map the science of research on International Organization for Standardization (ISO) 31000 standard through published articles. Specifically, this study determines the current state of the art, identifies research gaps and guides future studies related to ISO 31000.
Design/methodology/approach
This work investigates and examines the research papers acquired from the Scopus and Web of Science databases. Inclusion and exclusion criteria were applied to obtain relevant papers. Bibliometric analysis using Biblioshiny was conducted to answer the research objectives.
Findings
The results show growing interest in ISO 31000 research but limited interconnectivity among articles. Influential journals have emerged, highlighting key research trends in risk management's (RM) practical application and its significance in organizational decision-making. Key research areas include risk assessment (RA) methods, enterprise RM and system integration, endorsing ISO 31000 as a valuable tool. Future research should prioritize longitudinal studies to track ISO 31000's impact, study effective risk communication strategies, explore sector-specific RM practices and assess ISO 31000's application in emerging technologies.
Research limitations/implications
This research reveals key themes and diverse methods that aid practitioners in customizing industry risk strategies, adapting to emerging trends, engaging global collaboration and improving risk communication. Nevertheless, the study might overlook non-English contributions, urging broader language inclusion for ISO 31000's profundity.
Originality/value
This paper's originality lies in its comprehensive bibliometric analysis of ISO 31000 research, providing valuable insights into the standard's growing significance and global impact. The study identifies key research themes and influential authors, guiding future research and improving RM practices.
Details
Keywords
Lerato Aghimien, Clinton Ohis Aigbavboa and Douglas Aghimien
The current era of the fourth industrial revolution has attracted significant research on the use of digital technologies in improving construction project delivery. However, less…
Abstract
The current era of the fourth industrial revolution has attracted significant research on the use of digital technologies in improving construction project delivery. However, less emphasis has been placed on how these digital tools will influence the management of the construction workforce. To this end, using a review of existing works, this chapter explores the fourth industrial revolution and its associated technologies that can positively impact the management of the construction workforce when implemented. Also, the possible challenges that might truncate the successful deployment of digital technologies for effective workforce management were explored. The chapter submitted that implementing workforce management-specific digital platforms and other digital technologies designed for project delivery can aid effective workforce management within construction organisations. Technologies such as cloud computing, the Internet of Things, big data analytics, robotics and automation, and artificial intelligence, among others, offer significant benefits to the effective workforce management of construction organisations. However, several challenges, such as resistance to change due to fear of job loss, cost of investment in digital tools, organisational structure and culture, must be carefully considered as they might affect the successful use of digital tools and by extension, impact the success of workforce management in the organisations.
Details
Keywords
Lerato Aghimien, Clinton Ohis Aigbavboa and Douglas Aghimien
In the quest for better construction workforce management, this chapter explored the background of workforce management and related theories, models, and practices. Through a…
Abstract
In the quest for better construction workforce management, this chapter explored the background of workforce management and related theories, models, and practices. Through a review, the chapter provided meaning to the concept of construction and workforce management. The chapter concluded that while the construction industry worldwide is important to the economic growth of the countries where it operates, the industry’s management of its workforce is challenged by several problems. These problems include the nature of the industry, skill shortage, unhealthy working environment, and poor image of the industry, among others. Also, while the construction industry is rich in diversity, this has been a major source of problems for workforce management. The chapter further revealed that to improve workforce management and attain better-performing construction organisations, careful recruitment, effective training, providing a safe working environment, putting policies to promote diversity, and ensuring innovativeness, among others, are essential.
Details
Keywords
Prasetyo Adi Wibowo Putro, Dana Indra Sensuse and Wahyu Setiawan Setiawan Wibowo
This paper aims to develop a framework for critical information infrastructure (CII) protection in smart government, an alternative measure for common cybersecurity frameworks…
Abstract
Purpose
This paper aims to develop a framework for critical information infrastructure (CII) protection in smart government, an alternative measure for common cybersecurity frameworks such as NIST Cybersecurity Framework and ISO 27001. Smart government is defined as the government administration sector of CII due to its similarity as a core of smart technology.
Design/methodology/approach
To ensure the validity of the data, the research methodology used in this paper follows the predicting malfunctions in socio-technical systems (PreMiSTS) approach, a variation of the socio-technical system (STS) approach specifically designed to predict potential issues in the STS. In this study, PreMiSTS was enriched with observation and systematic literature review as its main data collection method, thematic analysis and validation by experts using fuzzy Delphi method (FDM).
Findings
The proposed CII protection framework comprises several dimensions: objectives, interdependency, functions, risk management, resources and governance. For all those dimensions, there are 20 elements and 41 variables.
Practical implications
This framework can be an alternative guideline for CII protection in smart government, particularly in government administration services.
Originality/value
The author uses PreMiSTS, a socio-technical approach combined with thematic analysis and FDM, to design a security framework for CII protection. This combination was designed as a mixed-method approach to improve the likelihood of success in an IT project.
Details
Keywords
Miguel Calvo and Marta Beltrán
This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it…
Abstract
Purpose
This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it and makes it much easier to use has been proposed too. Both, the method and the framework, have been validated within two challenging application domains: continuous risk assessment within a smart farm and risk-based adaptive security to reconfigure a Web application firewall.
Design/methodology/approach
The authors have identified a problem and provided motivation. They have developed their theory and engineered a new method and a framework to complement it. They have demonstrated the proposed method and framework work, validating them in two real use cases.
Findings
The GQM method, often applied within the software quality field, is a good basis for proposing a method to define new tailored cyber risk metrics that meet the requirements of current application domains. A comprehensive framework that formalises possible goals and questions translated to potential measurements can greatly facilitate the use of this method.
Originality/value
The proposed method enables the application of the GQM approach to cyber risk measurement. The proposed framework allows new cyber risk metrics to be inferred by choosing between suggested goals and questions and measuring the relevant elements of probability and impact. The authors’ approach demonstrates to be generic and flexible enough to allow very different organisations with heterogeneous requirements to derive tailored metrics useful for their particular risk management processes.
Details
Keywords
Muhammad Ashraf Fauzi, Biswajeet Pradhan, Noraina Mazuin Sapuan and Ratih Dyah Kusumastuti
The purpose of this study is to review the role of knowledge management (KM) in disaster management and crisis. Disaster causes many detrimental impacts on human lives through…
Abstract
Purpose
The purpose of this study is to review the role of knowledge management (KM) in disaster management and crisis. Disaster causes many detrimental impacts on human lives through loss of life and damage to properties. KM has been shown to dampen the impact of the disaster on the utilization of knowledge among agencies involved and the local communities impacted by disasters.
Design/methodology/approach
Through a bibliometric methodology (co-citation, bibliographic coupling and co-word analysis), this study presents significant themes in the past, current and future predictions on the role of KM in disaster management. In this review paper, 437 publications were retrieved from the Web of Science and analyzed through VOSviewer software to visualize and explore the knowledge map on the subject domain.
Findings
Findings suggest that the significant themes derived are centralized to disaster preparedness during disaster and disaster postrecovery. This review presents a state-of-art bibliometric analysis of the crucial role of KM in building networks and interconnection among relevant players and stakeholders involved in disaster management.
Research limitations/implications
The main implication of this study is how the authorities, stakeholders and local community can integrate the KM system within the three stages of disasters and the crucial role of technologies and social media in facilitating disaster management.
Originality/value
To the best of the authors’ knowledge, this is the first study to present a bibliometric analysis in mapping KM’s past, present and future trends in disaster management.
Details
Keywords
Ana Junça-Silva, Henrique Duarte and Susana C. Santos
Discovering opportunities is a key entrepreneurship competence for those who want to start their own business and who choose to enter the workforce. In this study, the authors…
Abstract
Purpose
Discovering opportunities is a key entrepreneurship competence for those who want to start their own business and who choose to enter the workforce. In this study, the authors focus on the antecedents of the ability to discover entrepreneurial opportunities by uncovering how and when students' personal initiative (Frese and Fay, 2001) leads to an increase in this key competency. The purpose of this study was to examine the role of risk-taking and creativity in the interplay between personal initiative and opportunity discovery competencies among university students.
Design/methodology/approach
Data were collected with a self-assessment tool in two moments in time, using a sample of 103 university students from Portugal enrolled in an entrepreneurship course. The authors measured personal initiative and entrepreneurial risk-taking at the beginning of the entrepreneurship course (Time 1). Two months later (Time 2), by the end of an entrepreneurship course, the authors measured creativity and opportunity discovery abilities.
Findings
The results of this study showed that risk-taking mediates the effect of personal initiative on opportunity discovery and that creativity interacts with risk-taking and opportunity discovery. Specifically, the authors found that the relationship between entrepreneurial risk-taking and opportunity discovery is positive and statistically significant when students display average or above-average creativity. The indirect effect of the personal initiative on opportunity discovery through entrepreneurial risk-taking seems to increase when the student's creativity increases, as the index of moderated mediation is positive.
Research limitations/implications
As with all studies, there are limitations to work of this study. First, data of this study is restricted to a sample of students from Portugal. As such, the authors should be careful about generalizations concerning students from other cultural settings; entrepreneurship competencies can differ across countries. Second, the findings of the present study are based on students’ self-reports regarding their own entrepreneurship competencies.
Originality/value
This work can inspire entrepreneurship educators to look at the entrepreneurship competencies models holistically and inspire future work to explore the relationship patterns between entrepreneurial competencies.
Details
Keywords
Yunlong Duan, Yan Liu, Yilin Chen, Weiqi Guo and Lisheng Yang
This study aims to focus on the impact of multi-level knowledge sharing between and within organizations on the risk control of rural inclusive finance. The paper presents…
Abstract
Purpose
This study aims to focus on the impact of multi-level knowledge sharing between and within organizations on the risk control of rural inclusive finance. The paper presents a synergistic risk control system integrating external and internal factors for rural inclusive finance by constructing different knowledge-sharing platforms in an environment, which is full of many uncertainties.
Design/methodology/approach
This study is based on survey methods. To achieve the research objectives, the authors adopt a single case study approach. For data collection, the authors apply a wide variety of methods such as semi-structured interviews, field visits, second-hand databases and official websites.
Findings
The results emphasize that using multi-level knowledge sharing such as the inter- and intra-organizational level, can facilitate the risk control of rural inclusive finance during the post-COVID-19 era. Furthermore, it is also noted that achieving knowledge sharing at different levels by building diverse knowledge-sharing platforms can promote the risk control of rural inclusive finance from the individual-organization level to the chain level of multi-organization collaboration, which contributes to the formation of symbiotic risk control ecology.
Research limitations/implications
The authors have formed the “Chinese wisdom” to deal with inclusive financial risks and to promote in-depth development in relation to the “last mile” practice of inclusive finance, which means the final and the most important phase of a project. The conclusions contribute to enriching the outcomes regarding the risk control of rural inclusive finance, provide experiences to its sustainable development and offer a reference to other countries with their risk control of rural inclusive finance.
Originality/value
Drawing on the knowledge-sharing approach, this study creatively resolves the persistent problems in the risk control of rural inclusive finance, which forms a powerful supplement to the extant literature. Meanwhile, the paper combines the two contextual factors of the post-COVID-19 era and emerging economies, which can be deemed as a novel attempt.
Details
Keywords
Ammar Chakhrit, Mohammed Bougofa, Islam Hadj Mohamed Guetarni, Abderraouf Bouafia, Rabeh Kharzi, Naima Nehal and Mohammed Chennoufi
This paper aims to enable the analysts of reliability and safety systems to evaluate the risk and prioritize failure modes ideally to prefer measures for reducing the risk of…
Abstract
Purpose
This paper aims to enable the analysts of reliability and safety systems to evaluate the risk and prioritize failure modes ideally to prefer measures for reducing the risk of undesired events.
Design/methodology/approach
To address the constraints considered in the conventional failure mode and effects analysis (FMEA) method for criticality assessment, the authors propose a new hybrid model combining different multi-criteria decision-making (MCDM) methods. The analytical hierarchy process (AHP) is used to construct a criticality matrix and calculate the weights of different criteria based on five criticalities: personnel, equipment, time, cost and quality. In addition, a preference ranking organization method for enrichment evaluation (PROMETHEE) method is used to improve the prioritization of the failure modes. A comparative work in which the robust data envelopment analysis (RDEA)-FMEA approach was used to evaluate the validity and effectiveness of the suggested approach and simplify the comparative analysis.
Findings
This work aims to highlight the real case study of the automotive parts industry. Using this analysis enables assessing the risk efficiently and gives an alternative ranking to that acquired by the traditional FMEA method. The obtained findings offer that combining of two multi-criteria decision approaches and integrating their outcomes allow for instilling confidence in decision-makers concerning the risk assessment and the ranking of the different failure modes.
Originality/value
This research gives encouraging outcomes concerning the risk assessment and failure modes ranking in order to reduce the frequency of occurrence and gravity of the undesired events by handling different forms of uncertainty and divergent judgments of experts.
Details