Environmental Management Maturity: The Role of Dynamic Validation.

Maturity models enhance the performance of companies by prescribing a trajectory through stages of increasing capability. However, a recent review of maturity models concludes that current maturity models hardly meet the design principles required for prescriptive use. To address this deficiency, we conducted semistructured interviews and a Group Model Building study with industrial companies in Spain in which we studied the progression toward a Leading Green Company as the highest maturity stage of environmental management. The findings from the study were tested using surveys with enterprises in Spain, Italy, and the United Kingdom, semistructured interviews in the United Kingdom and case studies in Spain. Using these data sources, we develop a causal model that captures an idealized environmental management maturity dynamic progression though stages. By mapping maturity stages to feedback loops connected to actions to improve those maturity levels, system dynamics can help companies articulate policies for transitioning toward higher maturity stages

GOVERNANÇA, GESTÃO E MATURIDADE DA SEGURANÇA DA INFORMAÇÃO: UM MAPEAMENTO SISTEMÁTICO DO CENÁRIO NACIONAL

The adoption of information security, along with the implementation of its policies and the required adjustments to some of its norms are not simple tasks. These difficulties demonstrate the need for a research focused on new ways to overcome such deficiency. This work shows the results of a systematic mapping of governance, management, and maturity of information security of the last 10 years in the Brazilian journals and conferences. Method: Systematic Mapping Study and snowball. Results: More than 7600 articles were analyzed and 35 works were selected in the area. There has been an increase in the number of works in the last 5 years and the massive use of ISO / IEC 27001, 27002 and 27005 standards. Conclusion: This research provides a basis for new research related to governance, management, and maturity of information security.A adoção da segurança da informação, implementação de políticas e adequação a alguma norma não é algo simples. Estas dificuldades demonstram a necessidade de pesquisar formas para tentar suprir esta carência. Este trabalho apresenta os resultados de um mapeamento sistemático da literatura sobre governança, gestão e maturidade de segurança da informação dos últimos 10 anos em periódicos e eventos nacionais. Método: Mapeamento sistemático e snowball. Resultados: Analisou-se mais de 7600 artigos e foram selecionados 35 trabalhos na área. Verificou-se o aumento do número de trabalhos nos últimos 5 anos e a utilização maciça das normas ISO/IEC 27001, 27002 e 27005. Conclusão: Esta pesquisa provê uma base para novas pesquisas relacionadas à governança, gestão e maturidade da segurança da informação

Digitizing grey portions of e-governance

Purpose: The purpose of this research paper is to assess e-governance efficacy in various sectors of India. The paper develops on Grey System Theory (GST) methodology and enlightens grey portions of e-governance in select sectors. Research study identifies few grey criteria which affect implementation of information and communication technology (ICT) applications to support sustainable e-governance. Such criteria are related to information security breaches, information technology (IT) policy implementation, investments and strategic advantages for the various sector developments. Design/methodology/approach: Considering “information” as a sensitive element to security for administration and part of dark portion to Indian economy, GST-based COmplex PRroportional ASsessment (COPRAS-G) method is adopted to assess the e-governance efficacy. The method provides flexible multicriteria decision-making (MCDM) approach to assess e-governance in prioritizing the sector alternatives of future strategic development. Priority order of select sectors is estimated, and COPRAS-G method is used in the research study to support decision-making on e-governance. Study compares ten major gross domestic product-dependent sectors based on few grey criteria. These criteria are chosen based on authors’ perspective on this study and feedback received from government officials of district levels under the Digital India-training programme. To address the subjectivity that lies in e-governance grey areas of sector, criteria are also weighted using fuzzy scale. Later methodology-based results are presented to draw a strategic road map for strategic development of the country. Findings: On applying COPRAS-G method to predict pessimistic, optimistic and realistic scenarios of e-governance implementation across the ten sectors, high priory order in realistic scenario of results shows that implementation of ICT applications for e-governance should be in the sectors such as environment, climate change and in the railways. Industrial sector is also ranked as the preferred one over the other sectors on the basis of e-governance efficacy assessment. Research limitations/implications: Here COPRAS-G method is used as MCDM techniques. However, few other MCDM techniques such as GRA, DRSA, VIKOR, SMAA, SWARA and SAW can be also explored to outrank various Indian sectors to deal with subjectivity in decision-making. Practical implications: Implementation of ICT applications to support e-governance varies from sector to sector. ICT-based governance involves high degree of complexity in driving the operations for development of respective sectors. Therefore, government and policymakers need more flexibility to overcome present barriers of sector development. Such research can support decision-making where GST-based COPRAS-G method is able to capture and address the breaches of information security. Moreover, management concern for sector development has been presented on the basis of pessimistic, optimistic and realistic scenarios more precisely. Social implications: The results can provide guidance to the academicians, policymakers and public sectors highlighting various possible measures to handle the security breaches in multi-facet intention of sustainable development. The outcomes from MCDM framework can also help in drawing a rough trajectory of strategy, i.e. development of ICTs applications and e-governance process. Originality/value: This paper can supplement and act as the support for decision-making in conflicting situations on different flexible scenarios. Moreover, such work can synergize conflicting ideas of decision makers, academics and various other stakeholders of the Indian IT sector

A Corporate Sustainability Maturity Model for Readiness Assessment: A Three-step Development Strategy

Purpose: One of the main challenges of organisations today is how to navigate their development into ideal sustainable organisations. However, each readiness level requires a different rubric of indicators. Therefore, this study develops a corporate sustainability maturity model (CSMM), which can be used by organisations to conduct self-assessments, identify their current sustainability maturity levels and transition into mature sustainable organisations. Design/methodology/approach: This CSMM comprises various maturity domains, sub-domains and levels as well as a rubric of indicators for assessing the maturity of corporate sustainability. In its development, a systematic literature review examined existing maturity models, after which a pilot study, based on the literature review, content analysis and expert interviews, was used to create a prototype of the CSSM. Finally, the model was refined and expanded by considering practitioners' feedback and the tendencies of other sustainability maturity models. Findings: On the basis of the findings, some Indonesian organisations conducted sustainability activities, without having a strategic plan. Moreover, the factors driving organisations to conduct sustainability efforts included external and internal pressure. However, typical factors, such as awareness of sustainability and organisational reputation gained from conducting sustainability activities, were insignificant in the sample. Originality/value: This CSMM is the first sustainability maturity model developed for readiness assessment in an Indonesian context. Through this CSMM, organisations can determine their current readiness level of sustainability maturity and choose the correct indicators to help improve each sustainability domain in the matrix

A cyclical evaluation model of information security maturity

Purpose – This paper aims at presenting a cyclical evaluation model of information security (IS) maturity. The lack of a security evaluation method might expose organizations to several risky situations. Design/methodology/approach – This model was developed through the definition of a set of steps to be followed to obtain periodical evaluation of maturity and continuous improvement of controls. Findings – This model, based on controls present in ISO/IEC 27002, provides a means to measure the current situation of IS management through the use of a maturity model and provides a subsidy to take appropriate and feasible improvement actions, based on risks. A case study is performed, and the results indicate that the method is efficient for evaluating the current state of IS, to support IS management, risks identification and business and internal control processes. Research limitations/implications – It is possible that modifications to the process may be needed where there is less understanding of security requirements, such as in a less mature organization. Originality/value – This paper presents a generic model applicable to all kinds of organizations. The main contribution of this paper is the use of a maturity scale allied to the cyclical process of evaluation, providing the generation of immediate indicators for the management of IS. </jats:sec