Enhancement of information security management system by embedding corporate ethical virtue as ethical issues solution

The effectiveness and successful of the Information Security (IS) can be influences by many factors such as the human, process, technology and organizational. Hence, the Information Security Management System (ISMS) is an appropriate approach for handling and managing the information security. However, there are issues of an ethical among human and organizational cultures which affect the successful of the information security. This is because of only focusing on the technical aspect rather than human and organizational solution. The small implementing of the ethics within the information security management leads to leakage of the information in the organization. Thus, the information must be protected by highlight the important of the ethical to make the information valuable assets to the organization. Due to these issues, there are several ethical issues in information security management such as human factor as illegal behaviour and human error, the technology, the process of information security management as accountability and responsibility and also the management and organizational culture factors of information security. In this research, the PDCA is an approach used as the Information Security Management (ISM) which consist of the plan, do, check and act phase. In order to evaluate the enhancement of the ISMS process, the selected Corporate Ethical Virtue (CEV) component is embedded toward the processes as an ethical issues solution. The selected CEV components are Supportability, Clarity, Discussability, Transparency, Sanctionability, Feasibility and Congruency. The proposed of enhancement ISMS process by embedding CEV as an ethical issues solution is validate by the credibility experts

ERP implementation methodologies and frameworks: a literature review

Enterprise Resource Planning (ERP) implementation is a complex and vibrant process, one that involves a combination of technological and organizational interactions. Often an ERP implementation project is the single largest IT project that an organization has ever launched and requires a mutual fit of system and organization. Also the concept of an ERP implementation supporting business processes across many different departments is not a generic, rigid and uniform concept and depends on variety of factors. As a result, the issues addressing the ERP implementation process have been one of the major concerns in industry. Therefore ERP implementation receives attention from practitioners and scholars and both, business as well as academic literature is abundant and not always very conclusive or coherent. However, research on ERP systems so far has been mainly focused on diffusion, use and impact issues. Less attention has been given to the methods used during the configuration and the implementation of ERP systems, even though they are commonly used in practice, they still remain largely unexplored and undocumented in Information Systems research. So, the academic relevance of this research is the contribution to the existing body of scientific knowledge. An annotated brief literature review is done in order to evaluate the current state of the existing academic literature. The purpose is to present a systematic overview of relevant ERP implementation methodologies and frameworks as a desire for achieving a better taxonomy of ERP implementation methodologies. This paper is useful to researchers who are interested in ERP implementation methodologies and frameworks. Results will serve as an input for a classification of the existing ERP implementation methodologies and frameworks. Also, this paper aims also at the professional ERP community involved in the process of ERP implementation by promoting a better understanding of ERP implementation methodologies and frameworks, its variety and history

Evaluation of Airport Security Training Programs: Perspectives and Issues

While many governments and airport operators have emphasized the importance of security training and committed a large amount of budget to security training programs, the implementation of security training programs was not proactive but reactive. Moreover, most of the security training programs were employed as a demand or a trendchasing activity from the government. In order to identify issues in airport security training and to develop desirable security training procedures in an airport, this preliminary study aims at providing (1) the description of current state of airport security training and training in general, (2) the study design and interview guide for studying airport security training, and (3) expected outcome from the study

Implementation and unification of the ERP system in a global company as a strategic decision for sustainable entrepreneurship

This article considered factors connected with the implementation and unification of an ERP (Enterprise Resource Planning) system, and their influence on the sustainable development of global companies. It showed a cognitive model on such impact and gave an example in the form of a case study of a global company listed on the NASDAQ Stock Exchange. The basic strategic objectives of each organization include long-term growth and sustainability. In a growing competitive environment, it is essential to manage the company effectively. This can be achieved provided that the company's organizational structure and operations are properly set from the point of view of the ERP system. The research results were aimed at creating the generalized process of the ERP system's gradual implementation, to make the development of an organization progressive. The paper was focused on describing the implementation and unification of the Enterprise Resource Planning System, in a global company listed on the NASDAQ Stock Exchange. The aim of the paper was to monitor and evaluate, the links between Enterprise Resource Planning and Customer Relationship Management. This process is time consuming and costly. To achieve the aim, the case study was carried out in the form of an expert survey aimed at assessing the impact of the unification and implementation of the ERP system in a global company. The study included methods of systemic analysis, methods of sociological expert survey, a method of qualitative peer review, and a method for a cognitive model. It leads not only to effective management of global companies but enables the monitoring and comparison of Key Performance Indicators and the Net Promoter Score in each country, using the same parameters. The implementation of a unified Enterprise Resource Planning system leads to a significant cost reduction and has a positive impact on the financial indicators reported on the stock exchange. This study highlighted the importance of the implementation of an effective ERP system, to make the development of organizations sustainable.Web of Science108art. no. 291

Success of Implementation of Computer Crime Act (UU Ite No.11 2008) (a Case Study in the Higher Education Institution in Indonesia)

Computer crime rate grow rapidly along with the development of the digital world that has touched almost all aspects of human life. Institutions of higher education cannot be separated from the problem of computer crime activities. The paper analyses the implementation of Indonesia Computer Crime Act (UU ITE NO.11 2008) in the Higher Education Institution in Indonesia. It aims to investigate the level of computer crimes that occurred in the higher education institution environment and the act (UU ITE 11, 2008) successfully applied to prevent the crime that would arise. In this research, the analysis using Descriptive Statistics, Binary logistic regression. This paper also describes the success implementation of the Information System Security Policy (ISSP) as a computer crime prevention policy in higher education institution in Indonesia. In factor of act, clarity of objectives and purpose of the UU ITE 11, 2008 was low, the communication and socialization activities are still low to the society especially to the higher education institution, moreover the control process has been running on UU ITE 11, 2008, but at a low level

Enterprise information security policy assessment - an extended framework for metrics development utilising the goal-question-metric approach

Effective enterprise information security policy management requires review and assessment activities to ensure information security policies are aligned with business goals and objectives. As security policy management involves the elements of policy development process and the security policy as output, the context for security policy assessment requires goal-based metrics for these two elements. However, the current security management assessment methods only provide checklist types of assessment that are predefined by industry best practices and do not allow for developing specific goal-based metrics. Utilizing theories drawn from literature, this paper proposes the Enterprise Information Security Policy Assessment approach that expands on the Goal-Question-Metric (GQM) approach. The proposed assessment approach is then applied in a case scenario example to illustrate a practical application. It is shown that the proposed framework addresses the requirement for developing assessment metrics and allows for the concurrent undertaking of process-based and product-based assessment. Recommendations for further research activities include the conduct of empirical research to validate the propositions and the practical application of the proposed assessment approach in case studies to provide opportunities to introduce further enhancements to the approach

What role does corporate governance play in the intention to use cloud computing technology?

This paper aims to investigate the factors which promote the adoption of cloud-based technology. It strives for a better understanding of the impact of corporate governance on the adoption of this technology. This study concentrated on executives in companies where the use of cloud computing may give a competitive advantage. The main contribution of this work is to propose a model for the influence of corporate governance and other factors that determine the adoption of this technology. A questionnaire was prepared after taking into consideration the reviewed literature. The sample consisted of 164 technology companies from Southern Spain that already use the new economic models for digital solutions. The methodology used to analyze the structural model was the Structural Equation Model (SEM). The results of the survey showed the influence of Corporate Governance and the procedures and practices of the organization on the adoption of cloud computing and the associated business model. This study aims to point out the importance of corporate support and Knowledge Management for the correct and successful adoption of this technology and to show the effects on the new business model of billing for the use of available resources. View Full-Tex

Correlating Architecture Maturity and Enterprise Systems Usage Maturity to Improve Business/IT Alignment

This paper compares concepts of maturity models in the areas of Enterprise Architecture and Enterprise Systems Usage. We investigate whether these concepts correlate, overlap and explain each other. The two maturity models are applied in a case study. We conclude that although it is possible to fully relate constructs from both kinds of models, having a mature architecture function in a company does not imply a high Enterprise Systems Usage maturity

Adaptation of domestic state governance to international governance models

The purpose of the article is to provide the evolving international trends of modern management models and authorial vision of model of state governance system in Ukraine, its subsystems, in particular, the system of provision of administrative services that is appropriate for the contemporary times. Methodology. On the basis of scientific and theoretical approaches to the definitions of terms “state governance” and “public governance”, there was an explanation of considerable difference between them and, taking into consideration, the mentality of Ukrainian society and peculiar weak side in self-organization, the authors offered to form authorial model of governance on the basis of historically traditional for Ukraine model of state governance and to add some elements of management concepts that proved their significance, efficiency and priority in practice. Results. The authors emphasized the following two prevailing modern management models in the international practice: “new state management” and “good governance”. The first concept offered for consideration served as a basis for the semantic content of state activity that reflects more the state of administrative reformation. Practical meaning. A practical introduction of management to the domestic model of governance creates the range of contradictions that do not allow implementing herein concept. Pursuant to authors, the second one allows in considerable measure to reform state governance, considering historically developed peculiarities of this model. Moreover, the involvement of concept herein into introduction of informational and communicational technologies in the process of governance eliminates the necessity of power decentralization, it allows to form real net structure and, at the same, to keep vertical power structure, to involve citizens for formation and taking of management decisions, to form electronic communicational channel of feedback, to provide citizens with electronic administrative services. All indicated advantages of the concept certify about the necessity to reform state governance exactly in this field. Meaning/ Distinction. This article raises a question about the significance of formation and sequence of state policy in Ukraine aimed at creating an information-oriented society, space, as well as informational and technological infrastructure