... affecting security practices. Design/methodology/approach The socio-technical systems theory was used to develop a conceptual process model for analysing organisational practices in terms of their social, technical and environmental influence. The conceptual process model was then applied...

.... Findings The proposed typology allows us to identify different types of research models followed by security researchers and practitioners, and to infer a set of practical implications, for the benefit of those interested in empirically studying information security awareness. Research limitations...

...Subhas C. Misra; Vinod Kumar; Uma Kumar Purpose This paper seeks to present a conceptual modeling approach, which is new in the domain of information systems security risk assessment. Design/methodology/approach The approach is helpful for performing means‐end analysis, thereby uncovering...

..., the authors present a modular approach to ERP vendor and software selection and propose a 0‐1 programming model to minimize total costs associated with procurement and integration expenditures. Findings The proposed approach and the model are considered to be more useful for small manufacturing...

... introduction to CM. Next, we provide definitions of the key concepts of competency based management and analyse the competency lifecycle and the core application areas of CM systems. In the third section, we describe the different phases in developing a competency model, the cornerstone of a CM system...

...Carl Marnewick; Lessing Labuschagne Purpose This article seeks to provide a conceptual model that explains the complexity of an enterprise resource planning (ERP) system to general and project managers in a non‐technical manner that is easily understood. Design/methodology/approach The 4Ps...

...Cungang Yang; Chang N. Zhang Proposes an object‐oriented role‐based access control (ORBAC) model to efficiently represent the real world. Though ORBAC is a good model, administration of ORBAC, including creating and maintaining an access control security policy, still remains a challenging problem...

... methodology for the introduction of security in information systems (IS). However, risk analysis is based on a very simple model of IS as consisting of assets, mainly data, hardware and software, which are vulnerable to various threats. Thus, risk analysis cannot provide for an understanding...

... to enhance information security. They may also place demands on security managers to provide convincing demonstration of conformance to the standards. The risk data repository (RDR) computer model described in this paper was developed to manage organisational information security data and facilitate risk...

...V. Portougal; Lech J. Janczewski The paper discusses a set of models which can assist in developing security profiles of objects and subjects operating within industrial or commercial organisations’ databases. In these databases the information objects are often related to each other, having...

...Lam‐for Kwok States that traditional information security models address only the micro view of how to maintain a secure environment by controlling the flows of information within protection systems and the access to controlled data items. Argues that these models do not aim to, and cannot, reflect...