Information security risk management and incompatible parts of organization
Abstract: we prepared a
questionnaire to evaluate Incompatible parts and also risk management in
University of Science and Technology E-Learning Center and studying the
Incompatible parts impacts on utility of organization.
Design/methodology/approach: By using coalitional game theory we present
a new model to recognize the degrees of incompatibility among independent
divisions of an organization with dependent security assets. Based on positive
and negative interdependencies in the parts, the model provides how the
organization can decrease the security risks through non-cooperation rather
than cooperation. we implement the proposed model of this paper by analyzing
the data which have been provided by questionnaires from different three
managers' ideas of Iran University of Science and Technology E-Learning Center
located in Iran University of Science and Technology, Tehran, Iran.
Findings: In general, by collecting data and analyzing them, the survey
showed that Incompatible parts of organizations have negative impacts on
utility of organization risk management process. Furthermore, it adds values to
other organizations and provides the best practices in planning, developing,
implementing and monitoring risk management in organizations.
Research limitations/implications: Since Information security and also
Risk Management are still areas which need to improve in some Iranian
universities, we couldn’t consider them in our analysis. On the other hand, due
to questionnaire limitation, the study’s sample size is 1. This size may be
considered large for our statistical analysis.
Originality/value: The main
contribution of this paper is to propose a model for non-cooperation among a
number of divisions in a organization and using risk management factors.
Author: Elham Talabeigi,
Seyyed Gholamreza Jalali Naeeini
Journal Code: jptindustrigg160042