1. A real-world information security performance assessment using a multidimensional socio-technical approachKaja Prislan Mihelič, Anže Mihelič, Igor Bernik, 2020, izvirni znanstveni članek Opis: Measuring the performance of information security is an essential part of the information security management system within organisations. Studies in the past mainly focused on establishing qualitative measurement approaches. Since these can lead to ambiguous conclusions, quantitative metrics are being increasingly proposed as a useful alternative. Nevertheless, the literature on quantitative approaches remains scarce. Thus, studies on the evaluation of information security performance are challenging, especially since many approaches are not tested in organisational settings. The paper aims to validate the model used for evaluating the performance of information security management system through a multidimensional socio-technical approach, in a real-world settings among medium-sized enterprises in Slovenia. The results indicate that information security is strategically defined and compliant, however, measures are primarily implemented at technical and operational levels, while its strategic management remains underdeveloped. We found that the biggest issues are related to information resources and risk management, where information security measurement-related activities proved to be particularly problematic. Even though enterprises do possess certain information security capabilities and are aware of the importance of information security, their current practices make it difficult for them to keep up with the fast-paced technological and security trends.
Ključne besede: information security, information security management, organisations, qualitative measurement
Objavljeno v DKUM: 07.02.2025; Ogledov: 0; Prenosov: 4
 Celotno besedilo (1,17 MB)
Gradivo ima več datotek! Več... |
2. Barriers to knowledge sharing in the field of information securityJustyna Żywiołek, Joanna Rosak-Szyrocka, Borut Jereb, 2021, izvirni znanstveni članek Opis: Today, sharing knowledge requires taking into account many aspects. Variable environmental conditions, the people factor, and the security of resources are just a few that should be considered for a noticeable improvement in the functioning of the company. Supporting this course of action requires the identification of all barriers that may exist in the enterprise. Only the owner and senior management by establishing system and organizational changes can influence this element of the business. The aim of the article is to indicate the problems in this respect that block the proper functioning of the company in the field of information and knowledge exchange. The survey was conducted with the help of a questionnaire among 189 respondents. The industry has significantly decreased in the last few decades, currently there are 307 companies operating in Poland. Conclusions from the conducted research were collected on the basis of a questionnaire survey. The further stage of the research will be to compare the collected results with the results from Western European countries.
Ključne besede: knowledge sharing, knowledge management, information security, knowledge exchange, business organization, Poland
Objavljeno v DKUM: 22.10.2024; Ogledov: 0; Prenosov: 7
Celotno besedilo (484,62 KB)
Gradivo ima več datotek! Več... |
3. Evolution of organisational agility : a bibliometric studyVasja Roblek, Vlado Dimovski, Maja Meško, Judita Peterlin, 2022, izvirni znanstveni članek Opis: Purpose: This study applies bibliometric analysis to explore the evolution of the research paradigm of agility related to management and organisations.
Design/methodology/approach: Authors prepared a quantitative study of the review of selected articles using co-citation analysis and bibliographic coupling. Based on the bibliometric analyses, the evolution of the agility field (past, present, and future of agility research) was prepared.
Findings: Emergent themes focus on the importance of agility in interpreting organisational responses in the context of issues as diverse as information systems and business intelligence systems, market orientation, strategic alignment and social computing. Future research needs to focus on digitisation in conjunction with informatisation, an important topic for creating a new organisational culture and knowledge management through increased collaboration between humans and machines.
Originality/value: As the authors are aware, this study is one of the first to choose to show the overall development and importance of agility through quantitative bibliometric methods used to assess the value and contribution of scientific productivity and its impact on development.
Ključne besede: organization, management, information systems, supply chain management
Objavljeno v DKUM: 03.07.2024; Ogledov: 107; Prenosov: 30
Celotno besedilo (1,92 MB)
Gradivo ima več datotek! Več... |
4. Outsource or not? : An AHP based decision model for information security managementLuka Jelovčan, Anže Mihelič, Kaja Prislan Mihelič, 2022, izvirni znanstveni članek Opis: Purpose: Outsourcing information security has proven to be an efficient solution for information security management; however, it may not be the most suitable approach for every organization. This research aimed to develop a multi-criteria decision-making model that would enable organizations to determine which approach to information security management (outsourcing or internal management) is more suitable for their needs and capabilities.
Methods: Our study utilized several different research methods. First, the decision criteria were identified by reviewing related work and then selected by information security experts in a focus group. Second, a survey was conducted among information security practitioners to assign the criteria weights. Third, four use cases were conducted with four real-world organizations to assess the usability, ease of use, and usefulness of the developed model.
Results: We developed a ten-criteria model based on the analytic hierarchy process. The survey results promote performance-related criteria as more important than efficiency-focused criteria. Evidence from use cases proves that the decision model is useful and appropriate for various organizations.
Conclusion: To make informed decisions on approaching information security management, organizations must first conduct a thorough analysis of their capabilities and needs and investigate potential external contractors. In such a case, the proposed model can serve as a useful support tool in the decision-making process to obtain clear recommendations tailored to factual circumstances.
Ključne besede: information security, decision model, analytic hierarchy process, AHP, management, outsourcing
Objavljeno v DKUM: 24.06.2024; Ogledov: 141; Prenosov: 27
Celotno besedilo (1,97 MB)
Gradivo ima več datotek! Več... |
5. Geo-information technology for disaster risk assessmentĐorđe Ćosić, Sađan Popov, Dušan Sakulski, Ana Pavlović, 2011, izvirni znanstveni članek Opis: The Serbian territory (including the territory of the former Yugoslavia) has been continuously exposed to different hazards, often with tragic consequences. Earthquakes and floods, usually followed by landslides, are the most dominant hazards in that region. Disaster risk reduction, prevention and early warning, as an integral part of sustainable development, do not exist in Serbia. That is one of the main reasons why the disaster-related damage is high. Despite very long experience in engineering and resources management in Serbia, there are no scientifically supported and standardized disaster risk-assessment procedures. Expertise only exists in the field of engineering-based hazard assessment.
The risk-assessment method proposed in this research includes, apart from hazards, parameters such as vulnerability, exposure and safety. It considers the environmental and social components of risk management. The proposed method, implementing combined mathematical and 3D GIS tools, was applied for the Danube River, Petrovaradin (the city of Novi Sad) area, for which data were available. The relationship between the risk parameters is calculated and graphically presented. Methods like this one should contribute to a shift from a passive disaster-related defense to a proactive disaster risk management, as well as from emergency management only, to disaster prevention, preparedness and mitigation activities, in Serbia and the Western Balkan Region.
Ključne besede: hazard, vulnerability, safety, resilience, coping capacity, risk assessment, risk management, geographic information systems, earthquake, landslide, flooding, exceedance
Objavljeno v DKUM: 13.06.2018; Ogledov: 1186; Prenosov: 185
Celotno besedilo (418,04 KB)
Gradivo ima več datotek! Več... |
6. Trends that will shape the professions of the future information societyAlenka Stanič, Tanja Urbančič, 2009, izvirni znanstveni članek Opis: In this paper we discuss the trends in present society that will have the most important influence in shaping future jobs, with an emphasis on issues related to sustainable development and an information society. We point out that based on the requirements of educated end-users, companies will have to follow the principles of sustainable development and social responsibility. In future, due to technical development, natural resources, environmental issues and demographical trends in the developed western world, the most attractive jobs will be in high technology, health and medical care, as well as the pleasure and free time industry. The most important sectors will be informatics and telecommunication, logistics, safety, healthcare and life-long education.
Ključne besede: information society, knowledge management, end-user, sustainable development, socially responsible companies, jobs of the future
Objavljeno v DKUM: 22.01.2018; Ogledov: 1340; Prenosov: 372
Celotno besedilo (166,80 KB)
Gradivo ima več datotek! Več... |
7. |
8. A successful CRM implementation project in a service company : case studyFranka Piskar, Armand Faganel, 2009, izvirni znanstveni članek Opis: Customer relationship management - CRM implementations increased rapidly in Slovenia in the last few years, following the trends elsewhere. Studies reporting how the implementation project goes on before, between and after the implementation are scarce. We offer a thorough case study analysis of the CRM implementation with a positive outcome in a Slovene service company. Case study demonstrates that CRM implementation is a holistic and complex concept, which means that it is not merely an integration of new information technology, but everything that happens around the business processes changes. We recommend that the company has already established a process approach and the orientation toward customers. Study showed the need for efficient leadership, acquirement of resources and CRM strategy implementation control; trust to the software solution shouldn't be self-understood. Through implemented analytical CRM company can improve the relationship with customers, achieve larger information sharing between employees and accept better strategic decisions.
Ključne besede: customer relationship management, implementation, customer focus, process approach, quality, customer information, marketing, service company, Slovenia
Objavljeno v DKUM: 28.11.2017; Ogledov: 1608; Prenosov: 252
Celotno besedilo (619,42 KB)
Gradivo ima več datotek! Več... |
9. Bullwhip effect in the information flow of a supply chain : a role of cultureTadeja Lampret, Vojko Potočan, 2014, izvirni znanstveni članek Opis: The main goal of our research is to analyze and display causes of a bullwhip effect formation within a supply chain, as well as to provide the appropriate solutions to limit the occurrence of the bullwhip effect by using the proper information flow and partners´ cooperation within the supply chain. The bullwhip effect is one of the most important issues in the supply chain management and it is present in many companies. It preserves a character of invisibility because there are lots of causes for its formation and they are usually difficult to discern. The bullwhip effect is a phenomenon of an increase in the order variability within a supply chain. The higher we are within the supply chain, the higher is the order variability. The company encountered with the whip effect can successfully reduce its impact by improving the information flow, as well as improving partners´ cooperation within the supply chain. In this way the company can limit its negative repercussions and increase the profit. The article focuses on the overview of the bullwhip effect within a distribution chain, from its causes to suggestions and measures how to ease its negative repercussions on the organisation. Part of the causes could be found in the market demand variability and in the lack of communication about the actual marked demand within the supply chain. The rest of the causes are related to obstacles that emerge among different partners within the supply chain (role of culture). A qualitative analysis is applied on the basis of the selected cognitions from the supply chain management. The quantitative analysis is based on the theoretical research of the effective flow of information among the participants and its contribution to the reduction of the bullwhip impact. The article discusses two research questions: 1) The correct information flow within the supply chain and the improvement of the communication among partners can lead to the bullwhip effect reduction, and 2) A reduction of the bullwhip influence can lead to the increase of cooperation among partners. The results of the analysis can be used for further research.
Ključne besede: bullwhip effect, information flow, marked demand variability, orders variability, supply chain, logistics, business logistics, management, acquisition policy
Objavljeno v DKUM: 06.07.2017; Ogledov: 1664; Prenosov: 222
Celotno besedilo (279,62 KB)
Gradivo ima več datotek! Več... |
10. Measuring information security performance with 10 by 10 model for holistic state evaluationIgor Bernik, Kaja Prislan Mihelič, 2016, izvirni znanstveni članek Opis: Organizations should measure their information security performance if they wish to take the right decisions and develop it in line with their security needs. Since the measurement of information security is generally underdeveloped in practice and many organizations find the existing recommendations too complex, the paper presents a solution in the form of a 10 by 10 information security performance measurement model. The model—ISP 10×10M is composed of ten critical success factors, 100 key performance indicators and 6 performance levels. Its content was devised on the basis of findings presented in the current research studies and standards, while its structure results from an empirical research conducted among information security professionals from Slovenia. Results of the study show that a high level of information security performance is mostly dependent on measures aimed at managing information risks, employees and information sources, while formal and environmental factors have a lesser impact. Experts believe that information security should evolve systematically, where it’s recommended that beginning steps include technical, logical and physical security controls, while advanced activities should relate predominantly strategic management activities. By applying the proposed model, organizations are able to determine the actual level of information security performance based on the weighted indexing technique. In this manner they identify the measures they ought to develop in order to improve the current situation. The ISP 10×10M is a useful tool for conducting internal system evaluations and decision-making. It may also be applied to a larger sample of organizations in order to determine the general state-of-play for research purposes.
Ključne besede: information security, organizations, efficiency, measuring, security management
Objavljeno v DKUM: 19.06.2017; Ogledov: 1906; Prenosov: 497
Celotno besedilo (2,92 MB)
Gradivo ima več datotek! Več... |
