Can fuzzy Multi-Criteria Decision Making improve Strategic planning by balanced scorecard?

Strategic management is momentous for organizational success and competitive advantage in an increasingly turbulent business environment. Balanced scorecard (BSC) is a framework for evaluating strategic management performance which translates strategy into action via various sets of performance measurement indicators. The main objective of this research is to develop a new fuzzy group Multi-Criteria Decision Making (MCDM) model for strategic plans selection process in the BSC. For this to happen, the current study has implemented linguistic extension of MCDM model for robust selection of strategic plans. The new linguistic reasoning for group decision making is able to aggregate subjective evaluation of the decision makers and hence create an opportunity to perform more robust strategic plans, despite of the vagueness and uncertainty of strategic plans selection process. A numerical example demonstrates possibilities for the improvement of BSC through applying the proposed model

Developing a conceptual model to evaluate green suppliers: Decision making method using DEMATEL

Nowadays stakeholder pressure and public awareness have been raised against companies‟ environmental impacts, so green supply chain management (GSCM) seems vital for companies‟ environmental compliance and business growth. Companies continuously seek novel ideas and methods enabling them to obtain and/or maintain environmental sustainability. Greening the supply chain is one of such innovative idea involving all of the business value-adding operations, comprising purchasing and in-bound logistics, production and manufacturing, distribution, out-bound logistics and collaboration with patrons and suppliers in a way that has the least negative environmental effect. The main objective of the present study is finding interrelationship between green supplier criteria. For this to happen, we investigated experts‟ opinions through nominal group technique (NGT) to find out the interrelationship and causal preferences of the green supplier evaluation aspects using Decision-Making Trial and Evaluation Laboratory (DEMATEL) method. A numerical example demonstrates the application of the proposed model.N/

Maintaining awareness using policies; Enabling agents to identify relevance of information

The field of computer supported cooperative work aims at providing information technology models, methods, and tools that assist individuals to cooperate. The presented paper is based on three main observations from literature. First, one of the problems in utilizing information technology for cooperation is to identify the relevance of information, called awareness. Second, research in computer supported cooperative work proposes the use of agent technologies to aid individuals to maintain their awareness. Third, literature lacks the formalized methods on how software agents can identify awareness. This paper addresses the problem of awareness identification. The main contribution of this paper is to propose and evaluate a formalized structure, called Policy-based Awareness Management (PAM). PAM extends the logic of general awareness in order to identify relevance of information. PAM formalizes existing policies into Directory Enabled Networks-next generation structure and uses them as a source for awareness identification. The formalism is demonstrated by applying PAM to the space shuttle Columbia disaster occurred in 2003. The paper also argues that efficacy and cost-efficiency of the logic of general awareness will be increased by PAM. This is evaluated by simulation of hypothetical scenarios as well as a case study. © 2011 Elsevier Inc. All rights reserved

Towards an information security awareness process for engineering SMEs in emerging economies

With most employees in Engineering Small and Medium Enterprises (SME) now having access to their own personal workstations, the need for information security management to safeguard against loss/alteration or theft of the firms’ important information has increased. These Engineering SMEs tend to be more concerned with vulnerabilities from external threats, although industry research suggests that a substantial proportion of security incidents originate from insiders within the firm. Hence, technical preventative measures such as antivirus software and firewalls are proving to solve only part of the problem as the employees controlling them lack adequate information security knowledge. This tends to expose a firm to risk and costly mistakes made by naïve/uninformed employees. This dissertation presents an information security awareness process that seeks to cultivate positive security behaviours using a behavioural intention model based on the Theory of Reasoned Action, Protection Motivation Theory and the Behaviourism Theory. The process and model have been refined and verified using expert review and tested through action research at an Engineering SME in South Africa. The main finding was information security levels of employees within the firm were low, but the proposed information security awareness process increased their knowledge thereby positively altering their behaviour

An Information Security Policy Compliance Reinforcement and Assessment Framework

The majority of SMEs have adopted the use of information communication and technology (ICT) services. However, this has exposed their systems to new internal and external security vulnerabilities. These SMEs seem more concerned with external threat related vulnerabilities rather than those from internal threats, although researchers and industry are suggesting a substantial proportion of security incidents to be originating from insiders. Internal threat is often addressed by, firstly, a security policy in order to direct activities and, secondly, organisational information security training and awareness programmes. These two approaches aim to ensure that employees are proficient in their roles and that they know how to carry out their responsibilities securely. There has been a significant amount of research conducted to ensure that information security programmes communicate the information security policy effectively and reinforce sound security practice. However, an assessment of the genuine effectiveness of such programmes is seldom carried out. The purposes of this research study were, firstly, to highlight the flaws in assessing behavioural intentions and equating such behavioural intentions with actual behaviours in information security; secondly, to present an information security policy compliance reinforcement and assessment framework which assists in promoting the conversion of intentions into actual behaviours and in assessing the behavioural change. The approach used was based on the Theory of Planned Behaviour, knowledge, attitude and behaviour theory and Deterrence Theory. Expert review and action research methods were used to validate and refine the framework. The action research was rigorously conducted in four iterations at an SME in South Africa and involved 30 participating employees. The main findings of the study revealed that even though employees may have been well trained and are aware of information security good practice, they may be either unable or unwilling to comply with such practice. The findings of the study also revealed that awareness drives which lead to secure behavioural intents are merely a first step in information security compliance. The study found that not all behavioural intentions converted to actual secure behaviours and only 64% converted. However, deterrence using rewards for good behaviour and punishment for undesirable behaviour was able to increase the conversion by 21%