An Investigation Of Organizational Information Security Risk Analysis

Despite a growing number and variety of information security threats, many organizations continue to neglect implementing information security policies and procedures.  The likelihood that an organization’s information systems can fall victim to these threats is known as information systems risk (Straub & Welke, 1998).  To combat these threats, an organization must undergo a rigorous process of self-analysis. To better understand the current state of this information security risk analysis (ISRA) process, this study deployed a questionnaire using both open-ended and closed ended questions administered to a group of information security professionals (N=32).  The qualitative and quantitative results of this study show that organizations are beginning to conduct regularly scheduled ISRA processes.  However, the results also show that organizations still have room for improvement to create idyllic ISRA processes.&nbsp

Enterprise Resource Planning Research: Where Are We Now and Where Should We Go From Here?

The research related to Enterprise Resource Planning (ERP) has grown over the past several years. This growing body of ERP research results in an increased need to review this extant literature with the intent of identifying gaps and thus motivate researchers to close this breach. Therefore, this research was intended to critique, synthesize and analyze both the content (e.g., topics, focus) and processes (i.e., methods) of the ERP literature, and then enumerates and discusses an agenda for future research efforts. To accomplish this, we analyzed 49 ERP articles published (1999-2004) in top Information Systems (IS) and Operations Management (OM) journals. We found an increasing level of activity during the 5-year period and a slightly biased distribution of ERP articles targeted at IS journals compared to OM. We also found several research methods either underrepresented or absent from the pool of ERP research. We identified several areas of need within the ERP literature, none more prevalent than the need to analyze ERP within the context of the supply chain

An Investigation Of Organizational Information Security Risk Analysis

Despite a growing number and variety of information security threats, many organizations continue to neglect implementing information security policies and procedures.  The likelihood that an organization’s information systems can fall victim to these threats is known as information systems risk (Straub & Welke, 1998).  To combat these threats, an organization must undergo a rigorous process of self-analysis. To better understand the current state of this information security risk analysis (ISRA) process, this study deployed a questionnaire using both open-ended and closed ended questions administered to a group of information security professionals (N=32).  The qualitative and quantitative results of this study show that organizations are beginning to conduct regularly scheduled ISRA processes.  However, the results also show that organizations still have room for improvement to create idyllic ISRA processes.&nbsp