48 research outputs found
A catalog of information systems outsourcing risks
Information systems outsourcing risks are a vital component in the decision and management process associated to the provision of information systems and technology services by a provider to a customer. Although there is a rich literature on information systems outsourcing risks, the accumulated knowledge on this area is fragmented. In view of this situation, an argument is put forward on the usefulness of having a theory that integrates the various constructs related to information systems outsourcing risks. This study aims to contribute towards the synthesis of that theory, by proposing a conceptual framework for interpreting the literature and presenting a catalog of information systems outsourcing risks. The conceptual framework articulates together six key risk elements, namely dangers, negative outcomes, undesirable consequences, factors and mitigation actions. The catalog condenses and categorizes the information systems outsourcing risk elements found on the literature reviewed, both from the perspective of the outsourcing customer and from the perspective of the outsourcing provider. Proposals for subsequent work towards the generation of the theory of information systems outsourcing risk are suggested
A revised framework of information security principles
Confidentiality, Integrity and Availability are referred to as the basic principles of Information Security. These principles have remained virtually un-changed over time, but several authors argue they are clearly insufficient to pro-tect information. Others go a step further and propose new security principles, to update and complement the traditional ones. Prompt by this context, the aim of this work is to revise the framework of Information Security principles, making it more current, complete, and comprehensive. Based on a systematic literature re-view, a set of Information Security principles is identified, defined and character-ized, which, subsequently, leads to a proposal of a Revised Framework of Infor-mation Security Principles. This framework was evaluated in terms of completeness and wholeness by intersecting it with a catalog of threats, which re-sulted from the merger of four existing catalogs. An initial set of security metrics, applied directly to the principles that constitute the framework, is also suggested, allowing, in case of adverse events, to assess the extent to which each principle was compromised and to evaluate the global effectiveness of the information pro-tection efforts.Programa Operacional Fatores de Competitividade – COMPETE and National funds by FCT – Fundação para a Ciência e Tecnologia under Project FCOMP-01-0124-FEDER-022674
Information security policies : a content analysis
Completed research paperAmong information security controls, the literature gives a central role to information security policies. However, there is a reduced number ofempirical studies about the features and components of information security policies. Thisresearch aims to contribute to fill this gap. It presents a synthesis of the literature on information security policies content and it characterizes 25 City Councils information security policy documents in terms of features and components. The content analysis research technique was employed to characterize the information security policies. The profile of the policies is presented and discussed and propositions for future work are suggested.(undefined
Institutionalization of information systems security policies adoption: factors and guidelines
Information systems security policies are pointed out in literature as one of the main controls to be applied by organizations for protecting their information systems. Despite this, it has been observed that, in several sectors of activity, the number of organizations having adopted that control is low. This study aimed to identify the factors which condition the adoption of information systems security policies by organizations. Methodologically, the study involved interviewing the officials in charge of information systems in 44 Town Councils in Portugal. The factors facilitating and inhibiting the adoption of information systems security policies are presented and discussed. Based on these factors, a set of recommendations to enhance the adoption of information systems security policies is proposed. The study used Institutional Theory as a theoretical framework
Information systems security policies : a survey in portuguese public administration
Information Systems Security is a relevant factor for present organizations. Among the security measures, policies assume a central role in literature. However, there is a reduced number of empirical studies about the adoption of information systems security policies. This paper contributes to mitigate this flaw by presenting the results of a survey in
the adoption of Information System Security Policies in Local Public Administration in Portugal. The results are discussed in light of literature and future works are identified with the aim of enabling the adoption of security policies in Public Administration.(undefined
Information systems security outsourcing key issues : a service providers' perspective
Completed research paperThere is a perception that information systems security outsourcing, in spite entailing a relationship between a client and one or more providers, tends to be studied and analysed from the perspective of the client. A gap is then believed to exist in the study of the information systems security outsourcing
relationship from the point of view of the service provider. This research aims to identify the key issues of such a relationship from the perspective of the service provider and rank them according to their importance. The Delphi method was used to support the communication with the group of experts contributing to this research as well as to boost consensus within the group. Final interviews with participants were also conducted with the aim of reaching deeper into their opinions and to shed a
brighter light over the results of the Delphi. A ranked list of the 13 most important key issues found is presented and discussed and propositions for further work are put forward in the wake of the study.Fundação para a Ciência e a Tecnologia (FCT
Trust in e-Voting systems : a case study
Completed research paperThe act of voting is one of the most representative of Democracy,
being widely recognized as a fundamental right of citizens. The method of
voting has been the subject of many studies and improvements over time. The
introduction of electronic voting or e-voting demands the fulfillment of several
requirements in order to maintain the security levels of the paper ballot method
and the degree of trust people place in the voting process. The ability to meet
those requirements has been called into question by several authors. This
exploratory research aims to identify what factors influence voters’ confidence
in e-voting systems. A case study was conducted in an organization where such
a system has been used in several elections. A total of 51 e-voters were
interviewed. The factors that were found are presented and discussed, and
proposals for future work are suggested.Fundação para a Ciência e a Tecnologia (FCT
Supporting intense needs of assessment in computer programming disciplines
Completed research paperAfter several years of experience teaching computer programming
disciplines, the major insight about how to succeed became very clear. Students
must work in a weekly flawless base. Instead, students tend to study
occasionally with strong peeks of work at assessment eves. However,
implementing assessments in a weekly base requires a lot of resources and that
is not easy to obtain. At an earlier stage, a sequence of experiments proved the
influence of weekly assessment in students’ success in computer programming
disciplines. A methodology to guide the weekly rhythm was developed and
finally an automated assessment tool solved the problem of lack of resources.Fundação para a Ciência e a Tecnologia (FCT
Procura de profissionais de Tecnologias e Sistemas de Informaçao
Neste documento caracteriza-se a procura publicada por profissionais de tecnologias e sistemas de informação,
a nível nacional, conforme levantamento de anúncios de emprego realizado no ano de 2019.
O estudo realizado enquadra-se no processo de reflexão sofre a oferta educativa do Departamento de Sistemas
de Informação da Escola de Engenharia da Universidade do Minho, desencadeado na sequência da decisão da
tutela de extinção dos cursos de mestrado integrado em todas as áreas de formação, exceto Medicina e
Arquitetura.
O processo de reflexão é presidido por João Álvaro Carvalho, Professor Catedrático na
Universidade do Minho e Diretor do Departamento de Sistemas de Informação da Escola de Engenharia da
Universidade do Minho, e os trabalhos são coordenados por Filipe de Sá-Soares, Professor
Auxiliar na Universidade do Minho e Diretor-Adjunto do Departamento de Sistemas de Informação da Escola de
Engenharia da Universidade do Minho