Search results

The concept of information security culture, which recently gained increased attention, aims to comprehensively grasp socio-cultural mechanisms that have an impact on organizational security. Different measurement instruments have been developed to measure and assess information security culture using survey-based tools. However, the content, breadth and face validity of these scales vary greatly. This study aims to identify and provide an overview of the scales that are used to measure information security culture and to evaluate the rigor of reported scale development and validation procedures.

Papers that introduce a new or adapt an existing scale of information security culture were systematically reviewed to evaluate scales of information security culture. A standard search strategy was applied to identify 19 relevant scales, which were evaluated based on the framework of 16 criteria pertaining to the rigor of reported operationalization and the reported validity and reliability of the identified scales.

The results show that the rigor with which scales of information security culture are validated varies greatly and that none of the scales meet all the evaluation criteria. Moreover, most of the studies provide somewhat limited evidence of the validation of scales, indicating room for further improvement. Particularly, critical issues seem to be the lack of evidence regarding discriminant and criterion validity and incomplete documentation of the operationalization process.

Researchers focusing on the human factor in information security need to reach a certain level of agreement on the essential elements of the concept of information security culture. Future studies need to build on existing scales, address their limitations and gain further evidence regarding the validity of scales of information security culture. Further research should also investigate the quality of definitions and make expert assessments of the content fit between concepts and items.

Organizations that aim to assess the level of information security culture among employees can use the results of this systematic review to support the selection of an adequate measurement scale. However, caution is needed for scales that provide limited evidence of validation.

This is the first study that offers a critical evaluation of existing scales of information security culture. The results have decision-making value for researchers who intend to conduct survey-based examinations of information security culture.

The purpose of this research is to develop a better understanding of the hurdles in implementing Lean Six Sigma (LSS) for operational excellence in digital emerging technology companies.

We have conducted case studies of LSS implementations in six US-based companies in the digital emerging technology industry.

Critical success factors (CSF) for LSS implementations in digital emerging technology companies are: (1) organizational leadership that is engaged to the implementation, (2) LSS methodology that is rebranded to fit existing shared values in the organization, (3) restructuring of the traditional LSS training program to include a more incremental, prioritized, on-the-job training approach and (4) a modified LSS project execution methodology that includes (a) condensing the phases and tools applied in LSS projects and (b) adopting more iterative project management methods compared to the standard phased LSS project approach.

The qualitative nature of our analysis and the geographic coverage of our sample limit the generalizability of our findings.

Implications comprise the awareness and knowledge of critical success factors and LSS methodology modifications specifically relevant for digital emerging technology companies or companies that share similarities in terms of focus on product development, innovation and growth, such as R&D departments in high-tech manufacturing companies.

Research on industry-specific enablers for successful LSS implementation in the digital emerging technology industry is virtually absent. Our research informs practitioners on how to implement LSS in this and alike industries, and points to aspects of such implementations that are worthy of further attention from the academic community.

Climate change poses risks to society and the demand for carbon literacy within small and medium-sized enterprises is increasing. Skills and knowledge are required for organizational greenhouse gas accounting and science-based decisions to help businesses reduce transitional risks. At the University of Copenhagen and the University of Northern British Columbia, two carbon management courses have been developed to respond to this growing need. Using an action-based co-learning model, students and business are paired to quantify and report emissions and develop climate plans and communication strategies.

This paper draws on surveys of businesses that have partnered with the co-learning model, designed to provide insight on carbon reductions and the impacts of co-learning. Data collected from 12 respondents in Denmark and 19 respondents in Canada allow for cross-institutional and international comparison in a Global North context.

Results show that while co-learning for carbon literacy is welcomed, companies identify limitations: time and resources; solution feasibility; governance and reporting structures; and communication methods. Findings reveal a need for extension, both forwards and backwards in time, indicating that the collaborations need to be lengthened and/or intensified. Balancing academic requirements detracts from usability for businesses, and while municipal and national policy and emission targets help generate a general societal understanding of the issue, there is no concrete guidance on how businesses can implement operational changes based on inventory results.

The research brings new knowledge to the field of transitional climate risks and does so with a focus on both small businesses and universities as important co-learning actors in low-carbon transitions. The comparison across geographies and institutions contributes an international solution perspective to climate change mitigation and adaptation strategies.

The aim of this paper is to identify some of the challenges that need to be addressed to accelerate the deployment and adoption of smart health technologies for ubiquitous healthcare access. The paper also explores how internet of things (IoT) and big data technologies can be combined with smart health to provide better healthcare solutions.

The authors reviewed the literature to identify the challenges which have slowed down the deployment and adoption of smart health.

The authors discussed how IoT and big data technologies can be integrated with smart health to address some of the challenges to improve health-care availability, access and costs.

The results of this paper will help health-care designers, professionals and researchers design better health-care information systems.

The purpose of this paper is to examine the usefulness of statistical studies of financial reports and stock market data for improving corporate financial reports.

Analytical writing.

It is often claimed that statistical studies of co-variation between financial and stock market data can help set better financial reporting policy. Such co-variation, even when it can be estimated, tells us little about which financial reports help to make better financial decisions. A case in support of such claims remains to be made.

The readers are advised to be extremely careful in drawing inferences from studies of co-variation between accounting and stock market data for financial reporting policy.

Inference from accounting empirical studies to policy needs better rationale to avoid bad policy consequences.

This paper raises original questions about policy inferences from a large class of empirical research in accounting.