The information security policy unpacked:a critical study of the content of university policies

Ensuring the security of corporate information, that is increasingly stored, processed and disseminated using information and communications technologies [ICTs], has become an extremely complex and challenging activity. This is a particularly important concern for knowledge-intensive organisations, such as universities, as the effective conduct of their core teaching and research activities is becoming ever more reliant on the availability, integrity and accuracy of computer-based information resources. One increasingly important mechanism for reducing the occurrence of security breaches, and in so doing, protecting corporate information, is through the formulation and application of a formal information security policy (InSPy). Whilst a great deal has now been written about the importance and role of the information security policy, and approaches to its formulation and dissemination, there is relatively little empirical material that explicitly addresses the structure or content of security policies. The broad aim of the study, reported in this paper, is to fill this gap in the literature by critically examining the structure and content of authentic information security policies, rather than simply making general prescriptions about what they ought to contain. Having established the structure and key features of the reviewed policies, the paper critically explores the underlying conceptualisation of information security embedded in the policies. There are two important conclusions to be drawn from this study: (1) the wide diversity of disparate policies and standards in use is unlikely to foster a coherent approach to security management; and (2) the range of specific issues explicitly covered in university policies is surprisingly low, and reflects a highly techno-centric view of information security management.

Dialogue, partnership and empowerment for network and information security:the changing role of the private sector from objects of regulation to regulation shapers

The protection of cyberspace has become one of the highest security priorities of governments worldwide. The EU is not an exception in this context, given its rapidly developing cyber security policy. Since the 1990s, we could observe the creation of three broad areas of policy interest: cyber-crime, critical information infrastructures and cyber-defence. One of the main trends transversal to these areas is the importance that the private sector has come to assume within them. In particular in the area of critical information infrastructure protection, the private sector is seen as a key stakeholder, given that it currently operates most infrastructures in this area. As a result of this operative capacity, the private sector has come to be understood as the expert in network and information systems security, whose knowledge is crucial for the regulation of the field. Adopting a Regulatory Capitalism framework, complemented by insights from Network Governance, we can identify the shifting role of the private sector in this field from one of a victim in need of protection in the first phase, to a commercial actor bearing responsibility for ensuring network resilience in the second, to an active policy shaper in the third, participating in the regulation of NIS by providing technical expertise. By drawing insights from the above-mentioned frameworks, we can better understand how private actors are involved in shaping regulatory responses, as well as why they have been incorporated into these regulatory networks.

Combining ERP systems with enterprise 2.0

The paper discusses both the complementary factors and contradictions of adoption ERP based systems with enterprise 2.0. ERP is well known as its' efficient business process management. Also the high failure rate the system implementation is famous as well. According to [1], ERP systems could achieve efficient business performance by enabling a standardized business process design, but at a cost of flexibility in operations. However, enterprise 2.0 supports flexible business process management, informal and less structured interactions [3],[4],[21]. Traditional researcher claimed efficiency and flexibility may seem incompatible in that they are different business objectives and may exist in different organizational environments. However, the paper will break traditional norms that combine ERP and enterprise 2.0 in a single enterprise to improve both efficient and flexible operations simultaneously. Based on the multiple cases studies, four cases presented different attitudes on usage ERP systems and enterprise social systems. Based on socio-technical theory, the paper presents in-depth analysis benefits of combination ERP with enterprise 2.0 for these firms.

The core critical success factors in implementation of enterprise resource planning systems

The Implementation of Enterprise Resource Planning (ERP) systems require huge investments while ineffective implementations of such projects are commonly observed. A considerable number of these projects have been reported to fail or take longer than it was initially planned, while previous studies show that the aim of rapid implementation of such projects has not been successful and the failure of the fundamental goals in these projects have imposed huge amounts of costs on investors. Some of the major consequences are the reduction in demand for such products and the introduction of further skepticism to the managers and investors of ERP systems. In this regard, it is important to understand the factors determining success or failure of ERP implementation. The aim of this paper is to study the critical success factors (CSFs) in implementing ERP systems and to develop a conceptual model which can serve as a basis for ERP project managers. These critical success factors that are called “core critical success factors” are extracted from 62 published papers using the content analysis and the entropy method. The proposed conceptual model has been verified in the context of five multinational companies.

Combining ERP systems with enterprise 2.0

The chapter discusses both the complementary factors and contradictions of adoption ERP-based systems with Enterprise 2.0. ERP is well known as IT's efficient business process management. Enterprise 2.0 supports flexible business process management, informal, and less structured interactions. Traditional studies indicate efficiency and flexibility may seem incompatible because they are different business objectives and may exist in different organizational environments. However, the chapter breaks traditional norms that combine ERP and Enterprise 2.0 in a single enterprise to improve both efficient and flexible operations simultaneously. Based on multiple case studies, the chapter analyzes the benefits and risks of the combination of ERP with Enterprise 2.0 from process, organization, and people paradigms. © 2013 by IGI Global.

Joining the dots:building the evidence base for SME growth policy

This introductory article to the special issue on building the evidence base for small and medium-sized enterprise (SME) growth policy reviews the themes covered by the contributions to the special issue and identifies a number of directions for future research and policy.

Enterprise management and ERP development:case study of Zoomlion using dynamic enterprise reference grid

The enterprise management approach provides a holistic view of organizations and their related information systems. In order to cope with the globalization, virtualization, and volatile competitive environment, traditional firms are seeking to reconstruct their organizational structures and establish new IS architectures to transform from single autonomous entities into more open enterprises supported by new Enterprise Resource Planning (ERP) systems. This paper reports on ERP engage-abilities within three different enterprise management patterns based on the theoretical foundations of the "Dynamic Enterprise Reference Grid". An exploratory inductive study in Zoomlion using the narrative research approach has been conducted. Also, this research delivers a conceptual framework to demonstrate the adoption of ERP in the three enterprise management structures and points to a new architectural type (ERPIII) for operating in the virtual enterprise paradigm. © 2010 Springer-Verlag.