Fears associated with maternal death: Selected midwives’ lived experiences in the Ashanti Region of Ghana

Like the fear associated with the demise of loved ones, maternal deaths at any health facility equally illicit fear among midwives. This jeopardises their ability to achieve the quality of work expected of them. There is a depth of literature on midwives and fear associated with maternal death. Therefore, this paper seeks to explore the lived experiences of midwives who, in the discharge of their professional duties, have come face-to-face with maternal death in selected hospitals of Ashanti region in Ghana. The study applies a qualitative research paradigm and exploratory descriptive design in the overall collection and analysis of data. Purposive sampling was used to select 57 participants (18 supervisors and 39 ward midwives). The data was collected through semistructured interviews and focus group discussions, and managed by computer data analysis package (Atlas ti version 7.1.7). Content analysis was employed to analyse the data. Six themes emerged from the analysed data, namely fear of death, recurrence of death, fear of the Maternal Death Review (MDR) Process, fear of deceased family members’ reactions, fear of stigma from community members and fear of lawsuit/withdrawal of license. The study established that fear experienced by midwives as a result of maternal death may affect their quality of work life and the quality of services provided to patients under their care. It is therefore recommended that, all health facilities in the Ashanti Region should institute support programmes to assist midwives cope with challenges associated with death of patients.DHE

Adapted Loss Database – A New Approach to Assess IT Risk in Automated Business Processes

Service-oriented architectures (SOA) provide companies with dynamic IT infrastructures to adapt business processes flexibly to new requirements. However, the success of SOA will also depend on the ability to manage risk resulting from frequent and context-specific changes of IT support for automated business processes. Assessing this IT risk is challenging, since frequently changing relations between the causes of risk and their effects on business processes turns established methods for assessing risk into a game of hazard. Following a design science approach, this contribution proposes a novel approach for taking changes of cause-effect relations into consideration. Based on a backward-directed recalculation of historical loss data, a risk-adjusted loss database is generated that can provide a more realistic basis for assessing IT risk

Towards an Intelligence-Driven Information Security Risk Management Process for Organisations

Three deficiencies exist in information security under prevailing practices: organisations tend to focus on compliance over protection; to estimate risk without investigating it; and to assess risk on an occasional (as opposed to continuous) basis. These tendencies indicate that important data is being missed and that the situation awareness of decision-makers in many organisations is currently inadequate. This research-in-progress paper uses Endsley\u27s situation awareness theory, and examines how the structure and functions of the US national security intelligence enterprise—a revelatory case of enterprise situation awareness development in security and risk management—correspond with Endsley’s theoretical model, and how facets of the US enterprise might be adapted to improve situation awareness in the information security risk management process of organisations

Enhancing Information Security Risk Management with Security Analytics: A Dynamic Capabilities Perspective

The importance of information security risk management (ISRM) and its potential strategic role in protecting organisational information assets is widely studied in literature. Less attention is given to how ISRM can be enhanced using security analytics to contribute to a competitive advantage. This paper proposes a model showing that security analytics capabilities (the ability to effectively use security data for informed security related decision making) and ISRM capabilities (the ability to effectively identify and protect organizational information assets) indirectly influence competitive advantage in ISRM through two key mediating links: analytics-enabled ISRM capabilities (the ability to effectively leverage insights gleaned from security data to make informed ISRM decisions) and ISRM dynamic capabilities (the ability to reconfigure analytics-enabled ISRM capabilities to address turbulent environments). Environmental turbulence moderates the process by which security analytics and ISRM capabilities influence competitive advantage. The paper concludes by calling for evaluation and refinement of the research model

Empirical Evaluation of Information Security Planning and Integration

Organizations can choose how to integrate information security through planning and structuring of the information security function. This study aims to examine how the planning and structuring choices of the organization impacts the effective utilization of information security strategies. This study examines information security planning integration through a stages of growth perspective and finds that more mature information security planning integration is positively correlated with more effective utilization of information security deterrence, detection, and recovery strategies. This study also finds that a decentralized structure of information security management activities has a positive effect on the maturity of information security planning integration. This study suggest the maturity of information security planning integration that has a direct effect on the utilization of information security strategies and mediates the relationship between structure of information security management activities and utilization of information security strategies

Visão conceitual de modelos de gerenciamento de riscos à segurança organizacional

Throughout the evolutionary process world security consolidated as preponderant factor of success for the various segments, aggregating value to social development, economic and technological development. The demands arising from the scenarios of violence, common to major centers of population, promoted the allocation of efforts with a view to the protection of resources tangible and intangible, highlighting the need of reasoned planning for the management of risks which may to hit negatively in organizational environments. In this context, the objective of this research is to build a systemic analysis of a theoretical reference showing the academic and empirical knowledge more relevant in the area of risks management to security organization. With this purpose, from a process structured, held searches to access journals available through the portal of CAPES, reaching a theoretical composed for 17 publications aligned to this subject. The publications that integrate the theoretical this research were analyzed in 07 criteria: [1] the concept of risk; [2] the concept of risk analysis; [3] the dossiers submitted to identify the aspects to be taken into account in risk analysis; [4] the procedures used to measure the degree of risk; [5] the procedures used to determine the level of anchoring the scales of measuring the degree of risk; [6] the procedures used to integrate the scales to the degree of overall risk; and [7] the procedures to build actions of processing. With this, it was possible to identify the state of art for these seven aspects and for best practice propose referrals to promote their improvement.Ao longo do processo evolutivo mundial a segurança consolidou-se como um fator preponderante de sucesso para os mais diversos segmentos, agregando valor ao desenvolvimento social, econômico e tecnológico. As demandas decorrentes dos cenários de violência, comuns aos grandes centros populacionais, impulsionaram a alocação de esforços com vistas à proteção de recursos tangíveis e intangíveis, evidenciando a necessidade do planejamento fundamentado no gerenciamento de riscos que possam impactar negativamente nos ambientes organizacionais. Neste contexto, o objetivo da presente pesquisa consiste em construir uma análise sistêmica de um referencial teórico que evidencie o conhecimento acadêmico e empírico mais relevante na área do gerenciamento de riscos à segurança organizacional. Com tal propósito, a partir de um processo estruturado, realizaram-se buscas junto aos periódicos com acesso disponibilizados através do portal da Coordenação de Aperfeiçoamento de Pessoal de Nível Superior (CAPES), chegando-se a um referencial teórico composto por 17 publicações alinhadas ao presente tema. As publicações que integram o referencial teórico desta pesquisa foram analisadas segundo 07 critérios, sendo eles, [1] o conceito de risco; [2] o conceito de análise de risco; [3] os processos apresentados para identificar os aspectos a serem tidos em conta na análise de riscos; [4] os processos utilizados para mensurar o grau de risco; [5] os processos utilizados para determinar o nível de ancoragem das escalas de mensuração do grau de risco; [6] os processos utilizados para integrar as escalas para o grau de risco global; e [7] os processos para construir ações de aperfeiçoamento. Com isto, foi possível identificar o estado da arte para estes sete aspectos e para as melhores práticas propor encaminhamentos para promover seu aperfeiçoamento.

Foundations for an Intelligence-driven Information Security Risk-management System

Information security risk management (ISRM) methods aim to protect organizational information infrastructure from a range of security threats by using the most effective and cost-efficient means. We reviewed the literature and found three common deficiencies in ISRM practice: 1) information security risk identification is commonly perfunctory, 2) information security risks are commonly estimated with little reference to the organization’s actual situation, and 3) information security risk assessment is commonly performed on an intermittent, non-historical basis. These deficiencies indicate that, despite implementing ISRM best-practice, organizations are likely to have inadequate situation awareness (SA) regarding their information security risk environments. This paper presents a management system design that organizations can use to support SA in their ISRM efforts

O gerenciamento de riscos afins à segurança empresarial: a estruturação de um modelo de avaliação fundamentado segundo uma visão construtivista

Dissertação (mestrado) - Universidade Federal de Santa Catarina, Centro Tecnológico, Programa de Pós-Graduação em Engenharia de Produção, Florianópolis, 2010Ao longo do processo evolutivo mundial a segurança consolidou-se como um fator preponderante de sucesso para os mais diversos segmentos, agregando valor ao desenvolvimento social, econômico e tecnológico. As demandas decorrentes dos cenários de violência, comuns aos grandes centros populacionais, impulsionaram a alocação de esforços com vistas à proteção de recursos tangíveis e intangíveis, evidenciando a necessidade do planejamento fundamentado no gerenciamento de riscos que possam impactar negativamente ambientes empresariais. Neste contexto, o objetivo da presente pesquisa consiste em propor a estruturação de um modelo que permita apoiar o gerenciamento de riscos de tal forma a promover a segurança empresarial. Com tal propósito, foi utilizada a metodologia MCDA-C com o intuito de gerar conhecimento quanto aos riscos afins à segurança que possam impactar a sede patrimonial de um ambiente empresarial, localizado na região metropolitana de Florianópolis. Os resultados obtidos evidenciam um efetivo apoio ao processo decisório, e evidenciado pela explicitação de 76 critérios identificados pelo decisor como necessários e suficientes para representar o grau de risco da organização em estudo. Para cada um destes foi construído uma escala cardinal com seus níveis de referência e sobre estas, identificado o grau de risco atual. Este conjunto de mensurações permitiu mostrar o perfil de desempenho da organização naquele momento, ao mesmo tempo em que permitiu ter um processo para construir ações para melhorar o desempenho atual. Com isto, foi possível passar a performance atual de 14,81 pontos para 51,60 pontos para a escala construída. O conhecimento gerado permite, ainda, continuar o processo de aperfeiçoamento