Interpreting the management of information systems security

The management of adverse events within organisations has become a pressing issue as the perceptions of risk continue to heighten. However the basic need for developing secure information systems has remained unfulfilled. This is because the focus has been on the means of delivery of information, i.e. the technology, rather than on the various contextual factors related to information processing. The overall aim of this research is to increase understanding of the issues and concerns in the management of information systems security. The study is conducted by reviewing the analysis, design and management of computer based information in two large organisations - A British national Health Service Hospital Trust and a Borough Council. The research methodology adopts an interpretive mode of inquiry. The management of information systems security is evaluated in terms of the business environment, organisational culture, expectations and obligations of different roles, meanings of different actions and the related patterns of behaviour. Findings from the two case studies show that an inappropriate analysis, design and management of computer based information systems affects the integrity and wholeness of an organisation. As a result, the probability of occurrence of adverse events increases. In such an environment there is a strong likelihood that security measures may either be ignored or are inappropriate to the real needs of an organisation. Therefore what is needed is coherence between the computer based information systems and the business environment in which they are embedded. In conclusion, this study shows that to resolve the problem of managing information systems security, we need to understand the deep seated pragmatic aspects of an organisation. Solutions to the problem of security can be provided by interpreting the behavioural patterns of the people involved

Patient safety: are we maximizing the potential of the pharmacist's role? [Editorial]

Original article can be found at: http://www.medicinescomplete.com/journals/ijpp/current/ Copyright Pharmaceutical Press.Peer reviewe

Development and the interaction of enforcement institutions

We examine how institutions that enforce contracts between two parties, producers and consumers, interact in a competitive market with one-sided symmetric information and productivity shocks. We compare an informal enforcement mechanism, reputation, the efficacy of which is enhanced by consumers investing in “connectedness,” with a formal mechanism, legal enforcement, the effectiveness of which can be reduced by producers by means of bribes. When legal enforcement is poor, consumers connect more with one another to improve informal enforcement; in contrast, a well-connected network of consumers reduces producers’ incentives to bribe. In equilibrium, the model predicts a positive relationship between the the frequency of productivity shocks, bribing, and the use of informal enforcement, providing a physical explanation of why developing countries often fail to have efficient legal systems. Firm-level estimations confirm the partial equilibrium implications of the model

Leader reputation and default in sovereign debt

This paper compares default incentives in competitive sovereign debt markets when leaders can be either democratically elected or dictators. When leaders can be replaced as in democracies, the incentives for repayment are mainly the ego rents from office and the possibility of getting a corrupt leader from replacement. In a dictatorship, on the other hand, the cost of not repaying loans is the permanent loss of reputation and the loss of future access to credit. There is a trade off between repayment and risk sharing. We show, counter-intuitively, that when ego rents are low, and value of reputation to dictators is high, then democracies repay more often and have lower risk premia than dictatorships