Requirement Model for CIAC Services Feedback System (CSFS)

The universities may have an edge on the candidate’s competition, each strives to be a world recognized educational institution therefore Universiti Utara Malaysia is striving to keep hold of its global vision through the Centre for International Affairs & Cooperation (CIAC) department which is in charge of this mission. Services provided by the CIAC such as visa, accommodation and transportation are very important for the improvement of the academic and administrative quality and excellence in the education in Universiti Utara Malaysia. A requirement model for CIAC services feedback system based on the perspective of the students is developed to provide the CIAC’s decision-makers a wealth of valuable information about the response levels of the students regarding the critical services provided by the university. This requirements were gathered and developed in order to come out with a system that can perform survey easily, cost- effectively, time shortly with reports in the form of charts, graphs without needs of using data analysis tools. The collected requirements are verified and validated using a prototype to confirm that it fulfills the client needs and specifications. Rational Unified Process (RUP) methodology was adopted in order to fulfill the objectives

Online Questionnaire Data Analysis System (OQDAS)

The aim of this project is to develop an Online Questionnaire Data Analysis System (OQDAS) for researchers in University Utara Malaysia. This system enables research questionnaires to be deployed via a web page and provide a great source of information to all UCTM researchers. By developing this project, it helps the researcher to perform survey easily, cost-effectively, and time shortly. In addition, analytical results reported in PDF file automatically. As well, a prototyping as a part of the traditional SDLC approach will be chosen as a guide to develop OQDAS

An Analysis of Social Networking Sites: Privacy Policy and Features

Social Networking Sites (SNSs) are at the heart of many people lives, and the majority of both students and adults who use them to share information, keeping contact with old friends and meeting new acquaintances. However, the increasing number of action on online services also gives a raised to privacy concerns and issues. Therefore, the main purpose of this study is investigate the two SNSs i.e. Facebook and Friendster in terms of privacy policy and features, users‟ preferences and needs as well as producing a guideline for good SNSs from users design perspective. In an attempt to achieve the objectives of this study, however, two different approaches were employed; first literature has reviewed for two SNSs for the comparative analysis, and secondly quantitative approach technique was used. Online questionnaire was designed and published on the web and the respondents were able to access and sent back respectively. The survey was limited only to one hundred respondents within the Universiti Utara Malaysia. Findings from this study reveal that there are significant differences and similarities between Facebook and Friendster privacy policy and features. However, Friendster has hidden users‟ identity information by default to only friends, while Facebook has made it public to everyone. Results from survey in this study indicate that most of the respondents disclose information including personal and private information with public and friends, nevertheless, many respondents prefer to share their personal and private information with friends. Although, majority of respondents are aware of privacy setting changes, while they have notable attitude toward privacy protection as well as trust. This study usher a new era towards knowledge of social networking sites and the result can be use to the body of literature on information system with emphasis on privacy policy setting and features

User Information Security Behavior in Professional Virtual Communities: A Technology Threat Avoidance Approach

The popularization of professional virtual communities (PVCs) as a platform for people to share experiences and knowledge has produced a paradox of convenience versus security. The desire to communicate results in disclosure where users experience ongoing professional and social interaction. Excessive disclosure and unsecured user security behavior in PVCs increase users’ vulnerability to technology threats. Nefarious entities frequently use PVCs such as LinkedIn to launch digital attacks. Hence, users are faced with a gamut of technology threats that may cause harm to professional and personal lives. Few studies, however, have examined users’ information security behavior and their motivation to engage in technology threat avoidance behavior in a PVC. This study tested a professional virtual community technology threat avoidance model empirically. The model was developed from the conceptualization of different aspects of the technology threat avoidance theory, social cognitive theory, and involvement theory through an integrated approach. This quantitative study employed a random sampling methodology. Prior to collecting data for the main study an expert panel review and a pilot study were conducted. A web-based survey designed with a 5-point Likert scale was distributed to 1285 LinkedIn members to gather self-reported data on users’ technology threat avoidance behavior. Confirmatory factor analysis (CFA) and structural equation modeling (SEM) were used to analyze the data gathered from 380 respondents. The results of the data analysis revealed that perceived susceptibility, perceived severity, and information security knowledge sharing are strong predictors of avoidance motivation. Information security knowledge sharing had the most significant predicting effect on avoidance motivation in PVCs. Also, self-efficacy, group norms, and avoidance motivation all have a significant predicting effect on users’ information security avoidance behavior in PVCs. However, information security experience and safeguarding measure cost do not have a significant predicting effect on users’ information security avoidance motivation. This study makes significant contributions to the IS body of knowledge and has implications for practitioners and academics. This study offers a comprehensive model through the integration of behavioral and cognitive theories to better understand user information security behavior in PVCs. The model also identifies essential elements to motivate users to engage in technology threat avoidance behavior

An Investigation of Factors Motivating Employee Attitudes and Intentions to Share Knowledge in Homeland Security

The terrorist events of September 11, 2001, highlighted the inability of federal employees and officials to collaborate and share actionable knowledge-based information with the right people at the right time. However, much of the literature on knowledge sharing provided insight into knowledge sharing in private sector organizations and foreign public-sector organizations, instead of domestic public sectors or the United States federal government. While the importance of knowledge sharing for homeland security has been documented in the literature, there are no established frameworks that evaluate knowledge sharing motive and intentions in this context. The main goal of this research was to understand what motivates employee attitudes and intentions to share knowledge, by empirically assessing a model, testing the impact of the factors of expected rewards, expected contributions, expected associations, trust, and information technology (IT) type and usage on employee attitudes and intentions toward knowledge sharing in homeland security. The technology acceptance model and the theory of reasoned action served as the theoretical framework to understand motivation factors that affect employee attitudes, intentions, and their influence on knowledge sharing behaviors, as well as the technology used in sharing knowledge. Data were collected from employees and affiliates of the United States Department of Homeland Security (N = 271), using a Web-based survey. The effects of expected rewards, expected contributions, expected associations, trust, and IT type usage were studied using regression analyses. The statistical results revealed that expected contributions and expected associations were positively related to attitudes to share knowledge, but expected rewards were not significantly related to attitudes to share knowledge. Results also revealed that attitudes to share knowledge was positively related to intentions to share knowledge, but trust did not significantly moderate this relationship. Finally, the results revealed that intentions to share knowledge was positively related to knowledge sharing, and IT-type usage positively moderated this relationship. The research model showed significant results to support five of the seven hypotheses proposed and revealed key findings on factors that influence employee attitudes and intentions to share knowledge in homeland security. This research advances prior findings and contributes to knowledge sharing research, practice, and overall literature regarding knowledge sharing, individual behaviors, attitudes, and intentions to share knowledge, technology acceptance, and usage. This contribution to the body of knowledge provides researchers, policymakers, and decision-makers with foundations for improving collaboration through information and knowledge sharing across traditional and nontraditional organizational boundaries

Examining the Security Awareness, Information Privacy, and the Security Behaviors of Home Computer Users

Attacks on computer systems continue to be a problem. The majority of the attacks target home computer users. To help mitigate the attacks some companies provide security awareness training to their employees. However, not all people work for a company that provides security awareness training and typically, home computer users do not have the incentive to take security awareness training on their own. Research in security awareness and security behavior has produced conflicting results. Therefore, it is not clear, how security aware home computer users are or to what extent security awareness affects the security behavior of home computer users. The goal of this study was to determine if there is a relationship between security awareness and users practicing good security behavior. This study adapted its research model from the health belief model (HBM), which accesses a patient’s decision to perform health related activities. The research model included the HBM constructs of perceived severity, perceived susceptibility, perceived threat, perceived benefits, perceived barriers, cues to action, and self-efficacy. The research model also contained the security awareness (SA) and concern for information privacy (CFIP) constructs. The model used SA to ascertain the effect of security awareness on a person’s self-efficacy in information security (SEIS), perceived threat, CFIP, and security behavior. The research model included CFIP to ascertain its effect on security behavior. The developed survey measured the participants\u27 security awareness, concern for information privacy, self-efficacy, expectations of security actions, perceived security threats, cues to action, and security behavior. SurveyMonkey administered the survey. SurveyMonkey randomly selected 267 participants from its 30 million-member base. The findings of this study indicate home computer users are security aware. SA does not have a direct effect on a user’s security behavior, perceived threat, or CFIP. However, it does have influence on SEIS. SEIS has a weak effect on expectations. CFIP has an effect on a user’s security behavior after removing perceived threat from the research model. Perceived susceptibility has a direct effect on a user’s security behavior, but perceived severity or perceived threat does not

Leading within the middle: Perspectives on middle leadership in secondary school improvement

This study provides an investigative and analytical view of the social and political processes occurring within the implementation of a system initiated and resourced, secondary school improvement initiative (SSII) in a Catholic urban school system in a capital city on the East coast of Australia. The SSII follows a tiered model of implementation within a local school system [in this case, the MacKillop Catholic School System, (MCSS)] and its schools through a group of school-based middle-level leaders, the School Improvement Middle Leaders (SIMLs). This thesis is a six-site case study. The lens of symbolic interactionism is adopted as the theoretical perspective and multiple-site case study adopted as the methodology. It explores the experiences of SIMLs working within the SSII reform initiative across the MCSS to investigate influences of the SSII on the interactions occurring within each school and the school system structures. Successful reform is about creating the conditions, which enable teachers to change and improve their practice. Models of school reform can adopt two views. The inside view of school reform focuses on the capacity of a school to transform itself. Teacher learning is crucial, and school conditions need to foster that learning. This type of model can be described as “bottom up”. An outside view of school reform is one involving the implementation of externally-developed initiatives. A model in which innovations and practices developed by policy-makers and then transferred to multiple settings (“scaling up”) can be described as “top-down”. The SSII is an example of a blended “top down” and “bottom up” initiative in secondary schools. This multiple site case study uses individual, semi-structured interviews and an online survey instrument, to gather the participants’ perspectives on the numerous, different experiences that occur in six secondary schools as a result of the implementation of this school improvement initiative. The central findings of the study are reflected in a proposed model, which describes the conditions that enable a school improvement middle leader within a school to support teachers and facilitate an improvement in their practice. This study serves to highlight the complexities that occur within the school reform agendas in systems and secondary schools, and the pressures placed on middle leaders charged with the responsibility of leading an initiative within their unique school context. The complex nature of secondary schools and how they operate within a school system means any new initiatives are challenged, situated and adopted within the existing established hierarchies of these organisations. Exploring these complexities assists in understanding the nature of school change, social interactions, and the concept of middle leadership within the unique and common features of urban secondary schools

A risk based approach for managing information technology security risk within a dynamic environment

Information technology (IT) security, which is concerned with protecting the confidentiality, integrity and availability of information technology assets, inherently possesses a significant amount of known and unknown risks. The need to manage IT security risk is regarded as an important aspect in the daily operations within organisations. IT security risk management has gained considerable attention over the past decade due to the collapse of some large organisations in the world. Previous investigative research in the field of IT security has indicated that despite the efforts that organisations use to reduce IT security risks, the trend of IT security attacks is still increasing. One of the contributing factors to poor management of IT security risk is attributed to the fact that IT security risk management is often left to the technical security technologists who do not necessarily employ formal risk management tools and reasoning. For this reason, organisations find themselves in a position where they do not have the correct approach to identify, assess and treat IT security risks. The IT security discipline is complex in nature and requires specialised skills. Organisations generally struggle to find a combination of IT security and risk management skills in corporate markets. The scarcity of skills leaves organisations with either IT security technologists who do not apply risk management principles to manage IT security risk or risk management specialists who do not understand IT security in order to manage IT security risk. Furthermore, IT is dynamic in nature and introduces new threats and vulnerabilities as it evolves. Taking a look at the development of personal computers over the past 20 years is indicative of how change has been constant in this field, from big desktop computers to small mobile computing devices found today. The requirement to protect IT against threats associated with desktops was far less than the requirement associated with protecting mobile devices. There is pressure for organisations to ensure that they stay abreast with the current technology and associated risks. Failure to understand and manage IT security risk is often cited as a major cause of concern within most organisations’ IT environments because comprehensive approaches to identify, assess and treat IT security risk are not consistently applied. This is due to the fact that the trend of IT security attacks across the globe is on the increase, resulting in gaps when managing IT security risk. Employing a formal risk based approach in managing IT security risk ensures that risks of importance to an organisation are accounted for and receive the correct level of attention. Defining an approach of how IT security risk is managed should be seen as a fundamental task and is the basis of this research. This study aims to contribute to the field of IT security by developing an approach that assists organisations in treating IT security risk more effectively. This is achieved through the use of a combination of existing best practice IT security frameworks and standards principles, basic risk management principles, as well as existing threat modelling processes. The approach developed in this study serves to encourage formal IT security risk management practices within organisations to ensure that IT security risk is accounted for by senior leadership. Furthermore, the approach is anticipated to be more proactive and iterative in nature to ensure that external factors that influence the increasing trend of IT security threats within the IT environment are acknowledged by organisations as technology evolves.ComputingM. Sc. (Computing

Critical success factors for the implementation of an operational risk management system for South African financial services organisations

Operational risk has become an increasingly important topic within financial institutions of late, resulting in an increased spend by financial service organisations on operational risk management solutions. While this move is positive, evidence has shown that information technology implementations have tended to have low rates of success. Research highlighted that a series of defined critical success factors could reduce the risk of implementation failure. Investigations into the literature revealed that no critical success factors had been defined for the implementation of an operational risk management system. Through a literature study, a list of 29 critical success factors was identified. To confirm these factors, a questionnaire was developed. The questionnaire was distributed to an identified target audience within the South African financial services community. Reponses to the questionnaire revealed that 27 of the 29 critical success factors were deemed important and critical to the implementation of an operational risk management system.Business ManagementM. Com. (Business Management