In the Dutch e-voting debate, the crucial issue leading to the abandonment of all electronic voting machines was compromising radiation, or tempest. Other countries, however, do not seem to be bothered by this risk. In this paper, we use actor-network theory to analyse the socio-technical origins of the Dutch tempest issue in e-voting, and its consequences for e-voting beyond the Netherlands. W...

This paper discusses the findings of an exploratory study investigating IS/IT project risk analysis in large organisations within Western Australia. While a questionnaire was used as a pilot to gain information before in depth interviews were carried out, this is an interpretivist study that investigates data in a qualitative mode of research. The researchers, therefore, sought to interpret ric...

This paper presents Business Integration as a Service (BIaaS) which enables connections between services operating in the Cloud. BIaaS integrates different services and business activities to achieve a streamline process. We illustrate this integration using two services; Return on Investment (ROI) Measurement as a Service (RMaaS) and Risk Analysis as a Service (RAaaS) including small and mediu...

This chapter presents a guided tour of the CORAS method. As illustrated by Fig. 3.1, the CORAS method is divided into eight steps. The first four of these steps are introductory in the sense that we use them to establish a common understanding of the target of the analysis, and to make the target description that will serve as a basis for the subsequent risk identification. The introductory ste...

Stakeholder involvement and participation are widely recognized as being key success factors for IT risk assessment. A particular challenge facing current IT risk assessment methods is to provide accessible abstractions on matters of IT risk that attend to both managerial and technical perspectives of the stakeholders involved. In this paper, we investigate whether a conceptual modeling method ...

We present a framework for dependability consensus building and in-operation assurance for information systems, and show the current prototype implementation. Today, information systems are ever changing systems: they are always modified and updated to satisfy user’s changing requirements and deal with environmental changes. Furthermore, information systems must cope with system failures and co...

The purpose of this study is to construct a web-based learning platform of Computer Support for Collaborative Design (CSCD) based on theories related to a constructivist learning environment model, mind mapping and computer-supported collaborative learning. The platform conforms to the needs of design students and provides effective tools for interaction and collaborative learning by integratin...

This paper outlines an approach to the identification of IT-related risk. The risk is identified from the perspective of the services provided by a software system to the users. The approach assumes the investigation of the service failures with the use of failure mode keywords. The service-based risk identification is supplemented with checklists extracted from standards and classical techniqu...

Risk analysis is the identification and documentation of risks with respect to an organisation or a target system. Established risk analysis methods and guidelines typically focus on a particular system configuration at a particular point in time. The resulting risk picture is then valid only at that point in time and under the assumptions made when it was derived. However, systems and their en...

This paper discusses various approaches to risk analysis of infrastructure systems. The discussion is applied to electric power delivery systems, i.e. transmission and distribution of electric power, with an emphasis on the electric power grid in Sweden. In reviewing a number of the methods of risk analysis, it is concluded that methods from the systems safety and reliability discipline can to ...