A socio-organizational approach to information systems security management in the context of internet banking

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.This thesis takes a social and organizational point of view for studying information systems security in the context of internet banking. While the internet provides opportunities for businesses to extend their public network infrastructure, reduce transaction costs, and sell a wide range of products and services worldwide, security threats impede the business. Although, a number of valuable information systems security approaches have been developed through the years they tend to offer narrow, technically oriented solutions and they ignore the social aspects of risks and the informal structures of organizations. To this end, there is an emphasis in the literature to adopt a socio-organizational approach to information systems security (ISs) management. This thesis is based on the assumption that information systems security in the context of internet banking can be efficiently investigated and understood through a systematic and comprehensive study of various social organizational aspects in the goal setting context. To this end, the thesis presents a novel approach to the management of information systems security based on the use of the performance pyramid model. Using previous research in the social organizational literature this work examines the interrelationship of trust, culture, and risk communication and their possible effect on the level of goal setting within the context of information systems security management with a focus on internet banking. It explores and discusses the process of goal setting in the context of risk management. Based on the proposed performance pyramid model this research identifies the determinants of trust, culture, and risk communication as well as the determinants of goal commitment at macro level. The thesis contributes to interpretive information systems research with the in-depth analysis and study of the social organizational concepts in a security management context and its grounding within an interpretive epistemology. It emphasises the importance and interrelationship between different socio-organizational aspects of goal setting theory and demonstrates the values of each aspect in the information systems security domain thus contributing to a rich insight in the particular empirical research context

A socio-organizational approach to information systems security management in the context of internet banking

This thesis takes a social and organizational point of view for studying information systems security in the context of internet banking. While the internet provides opportunities for businesses to extend their public network infrastructure, reduce transaction costs, and sell a wide range of products and services worldwide, security threats impede the business. Although, a number of valuable information systems security approaches have been developed through the years they tend to offer narrow, technically oriented solutions and they ignore the social aspects of risks and the informal structures of organizations. To this end, there is an emphasis in the literature to adopt a socio-organizational approach to information systems security (ISs) management. This thesis is based on the assumption that information systems security in the context of internet banking can be efficiently investigated and understood through a systematic and comprehensive study of various social organizational aspects in the goal setting context. To this end, the thesis presents a novel approach to the management of information systems security based on the use of the performance pyramid model. Using previous research in the social organizational literature this work examines the interrelationship of trust, culture, and risk communication and their possible effect on the level of goal setting within the context of information systems security management with a focus on internet banking. It explores and discusses the process of goal setting in the context of risk management. Based on the proposed performance pyramid model this research identifies the determinants of trust, culture, and risk communication as well as the determinants of goal commitment at macro level. The thesis contributes to interpretive information systems research with the in-depth analysis and study of the social organizational concepts in a security management context and its grounding within an interpretive epistemology. It emphasises the importance and interrelationship between different socio-organizational aspects of goal setting theory and demonstrates the values of each aspect in the information systems security domain thus contributing to a rich insight in the particular empirical research context.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Performance Measurement in the United Kingdom (UK) retail banking industry

The assets size of the UK commercial banking industry accounts for a significant proportion of the European commercial banking total assets. Given the developed nature of the UK country and its attendant economic transitioning; the significant growth in the financial service industry; the divergence of banks’ ownership structures; recurring incidence of business combinations; proliferation of financial institutions; strategic cost management; and lax regulation in the UK banking industry, it is considered important to examine the Performance Measurement Systems (PMS) adopted by UK retail banks to cope with these vagaries. Besides, studying the PMS utilised by banks operating in leading economies like the UK, could provide useful insights, guidance, and practice-adoption for other developed and emerging nations. The research was undertaken to address these concerns. Data was collected through a survey of 15 UK retail banks. Statistics such as charts, percentage analysis, Wilcoxon signed rank test, Pearson Chi – square, Kruskal Wallis test, and Mann- Whitney U test were utilised for data analyses. There is empirical evidence from the study that within the UK retail banking industry, the three most common PMS utilised are; the Balanced Scorecard, Performance dashboards, and financial performance measures. Notwithstanding that the PMS in the UK banking industry is symmetrical across banks, and relatively balances a mix of financial and non-financial measures, it is the recommendation of this research that the UK banking industry can be improved by making PMS more flexible in order to embed and account for changes in banks’ strategies. Keywords: Performance measurement, risk, strategy, strategic cost management, UK Bank

Police functional adaptation to the digital or post digital age: discussions with cybercrime experts.

This article examines the challenges of functional adaptation faced by the police in response to technologically driven changes in the nature of crime. It also recounts how research under the auspices of a ‘dark web’ research project resulted in a search for an effective approach to engaging with investigators dealing with cybercrime. In doing so it tested, as a research methodology, a standard change implementation tool (problem tree analysis) from the Disaster Management and Sustainable Development (DMSD) discipline. This in turn resulted in significant consideration being given to the physical space in which that methodology is used. It presents the results of a workshop held with cybercrime investigators (not all were police officers) in terms of the importance of four key organisational and cultural issues (management, leadership and institutional ethos within the police; the risks of over-complication and exaggerated distinctions between cyber and real world policing; ethics; and knowledge, training and development) alongside the development and acquisition of new technical capabilities

Hybrid VFT/Delphi Method to Facilitate the Development of Information Security Strategies in Developing Countries

As systems become more interconnected the vulnerability to cyber attack also increases. The increased use of information and communication technology (ICT) in developing countries and the dangers associated with interconnectivity grows equally. The lack of an established guideline for information security planning and execution in developing countries further complicates this problem. There is the need for a holistic approach to information security planning. This study will use a combination of the Value Focused Thinking methodology and the measured Delphi Method to develop a framework that can assist decision makers and stakeholders in developing countries to craft and execute their information security strategies

Early career development in Chinese banking : the impact of overseas education on graduate experiences

Considering the crucial role played by state-owned enterprises (SOEs) and multinational corporations (MNCs) in China’s economic reform, and the growing number and importance of Chinese overseas educated graduates, this thesis explores the early career-development of returnee graduates. The research draws on theoretical perspectives relating to human, social and cultural capital, along with theories of motivation, adaptation and job satisfaction in the course of career development, applied in the Chinese context. Two qualitative case studies were carried out in the banking sector: one in an SOE and the other in an MNC. This involved interviewing returnees, local graduates and managers on their perceptions of the integration of returnees into the organisations. At the individual level, it considered the value of overseas education and the capital possessed by returnees, observing how human capital was produced through graduates’ early stages of career development, and how this contributed to their place of work. At the organisational level, by making use the perceptions of HR managers as well as self-evaluation from returnees, the advantages and disadvantages of returnees were explored, together with their actual utilisation, the rationales behind the HR strategies adopted by the two organisations. This led to an understanding of how the integration of returnees is affected by different social and corporate settings

Smartphones

Many of the research approaches to smartphones actually regard them as more or less transparent points of access to other kinds of communication experiences. That is, rather than considering the smartphone as something in itself, the researchers look at how individuals use the smartphone for their communicative purposes, whether these be talking, surfing the web, using on-line data access for off-site data sources, downloading or uploading materials, or any kind of interaction with social media. They focus not so much on the smartphone itself but on the activities that people engage in with their smartphones

E-loyalty : its antecedents, implications and differences between developing and developed countries

Data from 387 Indonesian and 222 Australian online customers were used to test the relationships between valid and reliable constructs measuring e-security, e-service quality, perceived e-value, e-satisfaction, e-trust, e-commitment, and e-loyalty in a model of e-loyalty, which was also compared between Indonesia as a developing country and Australia as a developed country. E-security, e-service quality, perceived e-value, e-satisfaction, e-trust, and e-commitment were found to influence e-loyalty while e-security was also found to influence e-service quality. Some of the interrelationships between the constructs influencing e-loyalty differed between developing and developed countries and identified differences between on-line customer behaviours in these countries