Information Security Risk (ISR) has become an important focus in MIS literature as of late (Hale 1996; Hancock 2000; Jaamour 2005). However, few studies have attempted to analyze the types of articles being published as well as defining the area of research interest in security literature. The purpose of this study demarcates the historical and maturation of ISR research in MIS by a comprehensi...

the current study aims to investigate the relationship between stock liquidity risk and financial information quality criteria (i.e. the timely dividends announcement, accruals quality and the percentage of profitability prediction error) of companies listed on the tehran stock exchange. for this purpose, 148 cases of data from listed companies, collected from 2007 to 2012, were employed in ord...

Many problems in cyber trust exist at least partially because the people and institutions involved are not properly motivated to solve them. The incentives are often perverse, misaligned, or missing. By improving economic, social, and personal incentives, cyber trust can be significantly improved. The incentive-based approach is based on modern enterprise risk management methods and experiences...

Maintenance is one approach to manage risk by a reduction of the probability of failure of technical systems and/or the consequences of their failure. However, history has shown that erroneous maintenance also can lead to reduced quality, incidents and accidents with extensive losses. Today, eMaintenance promises great opportunities for a paradigm shift from a rather narrow condition-based main...

Information System and Information Technology (IS/IT) development and implementation have become more difficult with the rapid introduction of new technology and the increasing complexity of the marketplace. IS/IT projects often encounter a range of problems that can be described as failure. Thus, learning from an analysis of past projects and from the issues contributing to failure is becoming...

This paper reports progress towards the development of a practical risk analysis and management framework for intelligent information systems based on the state-of-art techniques in uncertainty management. We provide an analysis of challenges raised by the need to manage risk and identify a set of key requirements for a practical framework that can support risk management in real environments t...

This article is the second of two whose goal is to advance the discussion of IS risk by addressing limitations of the current IS risk literature. The first article [Alter and Sherer, 2004] presented a general, but broadly adaptable model of system-related risk that addressed the limited usefulness of existing IS risk models for business managers. In this article, we focus on organizing risk fac...

Risks are factors frequently beyond control and can negatively impact organizational ability to achieve the established goals. These are factors that create differences between the reality and an ideal situation. Accurate evaluation of potential risks is integral to a large-scale project, especially when the project has enormous and longterm organizational implications. In that aspect, the risk...

This paper is devoted to the presentation of a risk-management methodology specifically developed for assessing and analysing risks incurred by the business transactions of an organisation. A transaction is a part of a business information system that has one or other functional goal. An order-entry-and-delivering-ofgoods transaction forming part of an MRP (materials, requirement & planning) in...

The idea of risk permeates the information security field. We use terms like ‘‘risk management’’, ‘‘risk assessment’’, ‘‘risk model’’ and ‘‘risk analysis’’ every day, and those topics are themselves the subject of countless papers and articles in security journals and magazines. But has the concept of risk become so ingrained within our profession that we have become over confident about how mu...