|Commenced in January 2007||Frequency: Monthly||Edition: International||Paper Count: 32|
The financial sector is exposed to the risk of cyber-attacks like any other industrial sector. Furthermore, the topic of CybeRisk (cyber risk) has become particularly relevant given that Information Technology (IT) attacks have increased drastically in recent years, and cannot be stopped by single organizations requiring a response at international and national level. IT risk is never a matter purely for the IT manager, although he clearly plays a key role. A bank's risk management function requires a thorough understanding of the evolving risks as well as the tools and practical techniques available to address them. Upon the request of European and national legislation regarding CybeRisk in the financial system, banks are therefore called upon to strengthen the operational model for CybeRisk management. This will require an important change with a more intense collaboration with the structures that deal with information security for the development of an ad hoc system for the evaluation and control of this type of risk. The aim of the work is to propose a framework for the management and control of CybeRisk that will bridge the gap in the literature regarding the understanding and consideration of CybeRisk as an integral part of business management. The IT function has a strong relevance in the management of CybeRisk, which is perceived mainly as operational risk, but with a positive tendency on the part of risk management to the identification of CybeRisk assessment methods that are increasingly complete, quantitative and able to better describe the possible impacts on the business. The paper provides answers to the research questions: Is it possible to define a CybeRisk governance structure able to support the comparison between risk and security? How can the relationships between IT assets be integrated into a cyberisk assessment framework to guarantee a system of protection and risks control? From a methodological point of view, this research uses a case study approach. The choice of “Monte dei Paschi di Siena” was determined by the specific features of one of Italy’s biggest lenders. It is chosen to use an intensive research strategy: an in-depth study of reality. The case study methodology is an empirical approach to explore a complex and current phenomenon that develops over time. The use of cases has also the advantage of allowing the deepening of aspects concerning the "how" and "why" of contemporary events, on which the scholar has little control. The research bases on quantitative data and qualitative information obtained through semi-structured interviews of an open-ended nature and questionnaires to directors, members of the audit committee, risk, IT and compliance managers, and those responsible for internal audit function and anti-money laundering. The added value of the paper can be seen in the development of a framework based on a mapping of IT assets from which it is possible to identify their relationships for purposes of a more effective management and control of cyber risk.
Action research is a qualitative research methodology, which leads the researcher to delve into the problems of a community in order to understand its needs in depth and finally, to propose actions that lead to a change of social paradigm. Although this methodology had its beginnings in the human sciences, it has attracted increasing interest and acceptance in the field of information systems research since the 1990s. The countless possibilities offered nowadays by the use of Information Technologies (IT) in the development of different socio-economic activities have meant a change of social paradigm and the emergence of the so-called information and knowledge society. According to this, governments, large corporations, small entrepreneurs and in general, organizations of all kinds are using IT to virtualize their processes, taking them from the physical environment to the digital environment. However, there is a potential risk for organizations related with exposing valuable information without an appropriate framework for protecting it. This paper shows progress in the development of a methodological design to manage the information security risks associated with the IT-based processes virtualization, by applying the principles of the action research methodology and it is the result of a systematic review of the scientific literature. This design consists of seven fundamental stages. These are distributed in the three stages described in the action research methodology: 1) Observe, 2) Analyze and 3) Take actions. Finally, this paper aims to offer an alternative tool to traditional information security management methodologies with a view to being applied specifically in the planning stage of IT-based process virtualization in order to foresee risks and to establish security controls before formulating IT solutions in any type of organization.
A need exists to identify the sources of risks associated with the process automation systems within petrochemical companies or similar energy related industries. These companies use many different process automation technologies in its value chain. A crucial part of the process automation system is the information technology component featuring in the supervisory control layer. The ever-changing technology within the process automation layers and the rate at which it advances pose a risk to safe and predictable automation system performance. The age of the automation equipment also provides challenges to the operations and maintenance managers of the plant due to obsolescence and unavailability of spare parts. The main objective of this research was to determine the risk sources associated with the equipment that is part of the process automation systems. A secondary objective was to establish whether technology managers and technicians were aware of the risks and share the same viewpoint on the importance of the risks associated with automation systems. A conceptual model for risk sources of automation systems was formulated from models and frameworks in literature. This model comprised six categories of risk which forms the basis for identifying specific risks. This model was used to develop a questionnaire that was sent to 172 instrument technicians and technology managers in the company to obtain primary data. 75 completed and useful responses were received. These responses were analyzed statistically to determine the highest risk sources and to determine whether there was difference in opinion between technology managers and technicians. The most important risks that were revealed in this study are: 1) the lack of skilled technicians, 2) integration capability of third-party system software, 3) reliability of the process automation hardware, 4) excessive costs pertaining to performing maintenance and migrations on process automation systems, and 5) requirements of having third-party communication interfacing compatibility as well as real-time communication networks.
The construction industry is a renowned latecomer to the efficiency offered by the adoption of information technology. Whereas, the banking, manufacturing, retailing industries have keyed into the future by using digitization and information technology as a new approach for ensuring competitive gain and efficiency. The construction industry has yet to fully realize similar benefits because the adoption of ICT is still at the infancy stage with a major concentration on the use of software. Thus, this study evaluates the awareness and readiness of construction professionals towards embracing a full digitalization of the construction industry using construction 4.0. The term ‘construction 4.0’ was coined from the industry 4.0 concept which is regarded as the fourth industrial revolution that originated from Germany. A questionnaire was utilized for sourcing data distributed to practicing construction professionals through a convenience sampling method. Using SPSS v24, the hypotheses posed were tested with the Mann Whitney test. The result revealed that there are no differences between the consulting and contracting organizations on the readiness for adopting construction 4.0 concepts in the construction industry. Using factor analysis, the study discovers that adopting construction 4.0 will improve the performance of the construction industry regarding cost and time savings and also create sustainable buildings. In conclusion, the study determined that construction professionals have a low awareness towards construction 4.0 concepts. The study recommends an increase in awareness of construction 4.0 concepts through seminars, workshops and training, while construction professionals should take hold of the benefits of adopting construction 4.0 concepts. The study contributes to the roadmap for the implementation of construction industry 4.0 concepts in the South African construction industry.
From a multi-science point of view, we analyze threats to security resulting from globalization of international information space and information and communication aggression of Russia. A definition of Ruschism is formulated as an ideology supporting aggressive actions of modern Russia against the Euro-Atlantic community. Stages of the hybrid war Russia is leading against Ukraine are described, including the elements of subversive activity of the special services, the activation of the military phase and the gradual shift of the focus of confrontation to the realm of information and communication technologies. We reveal an emergence of a threat for democratic states resulting from the destabilizing impact of a target state’s mass media and social networks being exploited by Russian secret services under freedom-of-speech disguise. Thus, we underline the vulnerability of cyber- and information security of the network society in regard of hybrid war. We propose to define the latter a synergetic war. Our analysis is supported with a long-term qualitative monitoring of representation of top state officials on popular TV channels and Facebook. From the memetics point of view, we have detected a destructive psycho-information technology used by the Kremlin, a kind of information catastrophe, the essence of which is explained in detail. In the conclusion, a comprehensive plan for information protection of the public consciousness and mentality of Euro-Atlantic citizens from the aggression of the enemy is proposed.
The case study method in this paper shows the implementation of Information Technology (IT) and the Serial Shipping Container Code (SSCC) in a Croatian company that deals with logistics operations and provides logistics services in the cold chain segment. This company is aware of the sensitivity of the goods entrusted to them by the user of the service, as well as of the importance of speed and accuracy in providing logistics services. To that end, it has implemented and used the latest IT to ensure the highest standard of high-quality logistics services to its customers. Looking for efficiency and optimization of supply chain management, while maintaining a high level of quality of the products that are sold, today's users of outsourced logistics services are open to the implementation of new IT products that ultimately deliver savings. By analysing the positive results and the difficulties that arise when using this technology, we aim to provide an insight into the potential of this approach of the logistics service provider.
There are visible changes in the world organization, environment and health of national conscience that create a background for discussion on possible redefinition of global, state and regional management goals. Authors apply the sustainable development criteria to a hierarchical management scheme that is to lead the world community to non-contradictory growth. Concrete definitions are discussed in respect of decision-making process representing the state mostly. With the help of system analysis it is highlighted how to understand who would carry the distinctive sign of world leadership in the nearest future.
Despite the evident benefits of building information modeling (BIM) to the construction industry, it faces significant implementation challenges in the State of Kuwait. This study investigates the awareness of construction stakeholders of BIM implementation challenges, and identifies various solutions to overcome these challenges. Specifically, the main objectives of this study are to: (1) characterize the barriers that deter utilization of BIM, (2) examine the awareness of engineers, architects, and construction stakeholders of these barriers, and (3) identify practical solutions to facilitate BIM utilization. A questionnaire survey was designed to collect data on the aforementioned objectives from local companies and senior BIM experts. It was found that engineers are highly aware of BIM implementation barriers. In addition, it was concluded from the questionnaire that the biggest barrier is the lack of BIM training. Based on expert feedback, the study concluded with a number of recommendations on how to overcome the barriers of BIM utilization. This should prove useful to the construction industry stakeholders and can lead to significant changes to design and construction practices.
The present study aims to explore the effect of computerization on marketing performance in Snowa Company. In other words, this study intends to respond to this question that whether or not, is there any relationship between utilization of computerization in marketing activities and marketing performance? The statistical population included 60 marketing managers of Snowa Company. In order to test the research hypotheses, Pearson correlation coefficient was employed. The reliability was equal to 96.8%. In this study, computerization was the independent variable and marketing performance was the dependent variable with characteristics of market share, improving the competitive position, and sales volume. The results of testing the hypotheses revealed that there is a significant relationship between utilization of computerization and market share, sales volume and improving the competitive position.
The aim of this study is to discover secondary school students’ perceptions related to information technologies and the connections between concepts in their cognitive structures. A word association test consisting of six concepts related to information technologies is used to collect data from 244 secondary school students. Concept maps that present students’ cognitive structures are drawn with the help of frequency data. Data are analyzed and interpreted according to the connections obtained as a result of the concept maps. It is determined students associate most with these concepts—computer, Internet, and communication of the given concepts, and associate least with these concepts—computer-assisted education and information technologies. These results show the concepts, Internet, communication, and computer, are an important part of students’ cognitive structures. In addition, students mostly answer computer, phone, game, Internet and Facebook as the key concepts. These answers show students regard information technologies as a means for entertainment and free time activity, not as a means for education.
Information technology is changing rapidly and the users’ expectations are also growing. Dealing with these changes in information technology, while satisfying the users’ needs and expectations is a big challenge. IT managers need to explore new mechanisms/strategies to enable them to cope with such challenges.
The objectives of this research are to identify the significant challenges that might face IT managers in higher education institutes in the face of the high and ever growing customer expectations and to propose possible solutions to cope with such high-speed changes in information technology.
To achieve these objectives, interviews with the IT professionals from different higher education institutes in Oman were conducted. In addition, documentation (printed and online) related to these institutions were studied and an intensive literature review of published work was examined.
The findings of this research are expected to give a better understanding of the challenges that might face the IT managers at higher education institutes. This acquired understanding is expected to highlight the importance of being adaptable and fast in keeping up with the ever-growing technological changes. Moreover, adopting different tools and technologies could assist IT managers in developing their organisations’ IT policies and strategies.
Result of the study on knowledge management systems in businesses was shown that the most of these businesses provide internet accessibility for their employees in order to study new knowledge via internet, corporate website, electronic mail, and electronic learning system. These business organizations use information technology application for knowledge management because of convenience, time saving, ease of use, accuracy of information and knowledge usefulness. The result indicated prominent improvements for corporate knowledge management systems as the following; 1) administrations must support corporate knowledge management system 2) the goal of corporate knowledge management must be clear 3) corporate culture should facilitate the exchange and sharing of knowledge within the organization 4) cooperation of personnel of all levels must be obtained 5) information technology infrastructure must be provided 6) they must develop the system regularly and constantly.
In this era of competitiveness, there is a growing need for supply chains also to become competitive enough to handle pressures like varying customer’s expectations, low cost high quality products to be delivered at the minimum time and the most important is throat cutting competition at world wide scale. In the recent years, supply chain competitiveness has been, therefore, accepted as one of the most important philosophies in the supply chain literature and researchers have tried to identify variables of supply chain competitiveness. This paper highlights some of the concepts of supply chain competitiveness and tries to identify select variables on the basis of literature review. Further, the paper tries to highlight the importance of the identified variables in the achievement of supply chain competitiveness. The aim is to explore the concept and to motivate researchers to further investigate the unexplored areas of this important subject domain.
This paper gave an attempt in prioritizing information technologies that organizations should give concentration. The case study was organizations in the automotive assembly industry in Thailand. Data were first collected to gather all information technologies known and used in the automotive assembly industry in Thailand. Five experts from the industries were surveyed based on the concept of fuzzy DEMATEL. The information technologies were categorized into six groups, which were communication, transaction, planning, organization management, warehouse management, and transportation. The cause groups of information technologies for each group were analyzed and presented. Moreover, the relationship between the used and the significant information technologies was given. Discussions based on the used information technologies and the research results are given.
The activities which are mostly related to the environmental performance need to be pointed, especially how logistics systems influence on environmental performance. This paper analyses how company could lead the initiative in this area by incorporating environmental management principles into their daily activities. The analysis is based on literature review about logistics and environment, the information from company R website as well as face-to-face interviews. A case study is given to show how they can turn practices into green while simultaneously meet the efficiency objectives. The research results show that the adoption of EMS and ISO 14001 certification is an effective tool for the logistics management. Such practices simultaneously reduce the negative contribute to better company performance. The results also show that the emissions to air and water, and energy consumption are the main logistics impacts to the environment.
The massive proliferation of affordable computers, Internet broadband connectivity and rich education content has created a global phenomenon in which information and communication technology (ICT) is being used to transform education. Therefore, there is a need to redesign the educational system to meet the needs better. The advent of computers with sophisticated software has made it possible to solve many complex problems very fast and at a lower cost. This paper introduces the characteristics of the current E-Learning and then analyses the concept of cloud computing and describes the architecture of cloud computing platform by combining the features of E-Learning. The authors have tried to introduce cloud computing to e-learning, build an e-learning cloud, and make an active research and exploration for it from the following aspects: architecture, construction method and external interface with the model.
The purpose of this paper is to provide an overview on methodological aspects of the information technology outsourcing (ITO) surveys, in an attempt to improve the data quality and reporting in survey research. It is based on a review of thirty articles on ITO surveys and focuses on two commonly explored dimensions of ITO, namely what are outsourced and why should there be ITO. This study highlights weaknesses in ITO surveys including lack of a clear definition of population, lack of information regarding the sampling method used, not citing the response rate, no information pertaining to pilot testing of survey instrument and absence of information on internal validity in the use or reporting of surveys. This study represents an attempt with a limited scope to point to shortfalls in the use survey methodology in ITO, and thus raise awareness among researchers in enhancing the reliability of survey findings.
Higher education institutions are increasingly opting to outsourcing methods in order to sustain themselves and this creates a gap of literature in terms of how they perceive the relationship. This research paper attempts to identify the behavioral and psychological factors that exist in the engagement thus providing valuable information to practicing and potential clients, and vendors. The determinants were gathered from previous literatures and analyzed to formulate the factors. This study adopts the case study and survey approaches in which interviews and questionnaires are deployed on employees of IT-related department in a Malaysian higher education institution.
The purpose of the study reported here was designing Information Dissemination System (IDS) based E-learning in agricultural of Iran. A questionnaire was developed to designing Information Dissemination System. The questionnaire was distributed to 96 extension agents who work for Management of Extension and Farming System of Khuzestan province of Iran. Data collected were analyzed using the Statistical Package for the Social Sciences (SPSS). Appropriate statistical procedures for description (frequencies, percent, means, and standard deviations) were used. In this study there was a significant relationship between the age , IT skill and knowledge, years of extension work, the extend of information seeking motivation, level of job satisfaction and level of education with use of information technology by extension agent. According to extension agents five factors were ranked respectively as five top essential items to designing Information Dissemination System (IDS) based E-learning in agricultural of Iran. These factors include: 1) Establish communication between farmers, coordinators (extension agents), agricultural experts, research centers, and community by information technology. 2) The communication between all should be mutual. 3) The information must be based farmers need. 4) Internet used as a facility to transfer the advanced agricultural information to the farming community. 5) Farmers can be illiterate and speak a local and they are not expected to use the system directly. Knowledge produced by the agricultural scientist must be transformed in to computer understandable presentation. To designing Information Dissemination System, electronic communication, in the agricultural society and rural areas must be developed. This communication must be mutual between all factors.