Audit for Information Systems Security

The information and communication technologies advances made available enormous and vast amounts of information. This availability generates also significant risks to computer systems, information and to the critical operations and infrastructures they support. In spite of significant advances in the information security area many information systems are still vulnerable to inside or outside attacks. The existence of an internal audit for information system security increases the probability of adopting adequate security measures and preventing these attacks or lowering the negative consequences. The paper presents an exploratory study on informatics audit for information systems security.Information System Risks, Audit, Security

Is Information Systems Misuse Always Bad? A New Perspective on IS Misuse in Hospitals Under the Context of Disasters

Although the extant literature has investigated how individuals engage in inappropriate behaviors based on the rational choice theory (RCT) (e.g., computer misconduct), the neutralization theory (e.g., IS security policies violation), and workarounds under normal situations, it has given little consideration to how individuals are involved in misuse of information systems with a good intention under the context of disasters. To fill this research gap, we propose a selfless misuse model, which offers a theoretical explanation for the concept of individuals’ selfless misuse intention under uncertainty caused by disasters. In this study, we show why employees make decisions to misuse the information system to ensure delivery of health services and business continuity. In addition, we explore the way of reducing this misuse behavior by introducing the role of system resilience in assisting employees to make better decisions and act positively

The elephant in the room: is misuse of Eau de Cologne the missing link in the death of Napoleon ?

The elephant in the room: is misuse of Eau de Cologne the missing link in the death of Napoleon ? Parvez I. Haris Faculty of Health & Life Sciences, De Montfort University, The Gateway, Leicester, LE1 9BH, E-Mail: [email protected] Conspiracy theories about Napoleon Bonaparte’s death started immediately after his death on the 5th of May 1821. A publication in Nature suggested he was murdered by arsenic poisoning due to detection of high arsenic levels in his hair [1] although this was refuted by later research. The ‘elephant in the room’ is Napoleon’s misuse of Eau de Cologne that has not been discussed in terms of its toxic effects. He consumed 2-3 bottles daily. It was rubbed on his body, poured on his head, and he drank and inhaled it as medication. After his death, Napoleon’s body was washed with Eau de Cologne [2] which contains 2-5% essential oils from citrus fruits and other plants dissolved in alcohol. Essential oils can act as endocrine disruptors [3] and many of the symptoms displayed by Napoleon can be attributed to this, including him developing breasts and having a hairless body. His suffering from seizures and feeling cold all the time can also be attributed to endocrine disrupting effects of the essential oils. Many years of exposure to excessively high concentrations of essential oil may have led him to develop gastric cancer. There are studies linking essential oil and endocrine disrupting chemicals to gastrointestinal cancer. Eau de Cologne was a double-edged sword for Napoleon. Due to its high alcohol content, its antiseptic property protected him from bacterial and viral infections during his military campaigns but the endocrine disrupting property of essential oils caused changes in his physical appearance, leading to illness and eventually death. References: [1] Forshufvud, S., Smith, H. and Wassén, A., 1961. Arsenic content of Napoleon I's hair probably taken immediately after his death. Nature, 192(4798), pp.103-105. [2] Weider, B. and Hapgood, D., 1998. The murder of Napoleon. iUniverse., pp. 4 [3] Henley, D.V., Lipson, N., Korach, K.S. and Bloch, C.A., 2007. Prepubertal gynecomastia linked to lavender and tea tree oils. New England Journal of Medicine, 356(5), pp.479-485

Comprehensive Security Framework for Global Threats Analysis

Cyber criminality activities are changing and becoming more and more professional. With the growth of financial flows through the Internet and the Information System (IS), new kinds of thread arise involving complex scenarios spread within multiple IS components. The IS information modeling and Behavioral Analysis are becoming new solutions to normalize the IS information and counter these new threads. This paper presents a framework which details the principal and necessary steps for monitoring an IS. We present the architecture of the framework, i.e. an ontology of activities carried out within an IS to model security information and User Behavioral analysis. The results of the performed experiments on real data show that the modeling is effective to reduce the amount of events by 91%. The User Behavioral Analysis on uniform modeled data is also effective, detecting more than 80% of legitimate actions of attack scenarios

Superintendent and School Board Relations: Impacting Achievement through Collaborative Understanding of Roles and Responsibilities

One of the most important and influential persons in the governance structure of the local school district is the Superintendent of Schools. Functioning as the CEO of the district, the superintendent is responsible for a myriad of functions. Examples include daily operations inclusive of transportation and finance, curriculum and policy implementation, media relations, and empowering leaders. However, as Meador (2014) contends, a crucial role is that of board liaison. The Superintendent is responsible for keeping the board informed, making recommendations regarding district operations, and setting the board agenda. It is interesting to note that the superintendent does participate in board meetings, but in an advisory capacity. Finally, the superintendent is responsible for enacting all mandates approved by the school board

Examining the Effects of Cultural Dimensions on Deviant IS Use Behaviour in a Developing Economy Context

Information System (IS) tools and applications create opportunities for a positive digital change to all individuals and organizations in the global workplace to improve competitiveness and quality of work life. Recent studies have shown that the most problematic areas in IS security incidences are people-related factors. In this regard, employees are causing IS security risks and vulnerabilities as they use those resources, especially by exercising their legitimate and lawful rights, mainly because people are the weakest link on IS security matters. On the one hand, the effects of organizational sanctions are not always effective due to socio-cultural variabilities, and so far they have not been able to fully defend employee related IS misuse or misconduct. On the other hand, the use of neutralization techniques supports individuals to justify their deviant actions, but differently to people in different socio-cultural bases. To examine such a problem, therefore, culture as a moderator, criminological constructs and level of employees’ awareness to IS security as independent variables are employed to explain IS misuse intention in unison are proposed through a comprehensive conceptual research model. A positivist research paradigm using a cross-sectional quantitative survey data collection approach will be adapted to help empirically test the model. To validate the model and its constructs, the study will apply SEM-PLS data analysis techniques using Smart-PLS and SPSS with Amos. Finally, this study in progress discusses the potential practical and theoretical contributions and plans to provide scientific evidence based on its findings