128 pp., 1st edition 2012 (Publisher code 724.43)
About the book
The originality of the book's approach is to elevate the role of risk and security from that of an accessory function, one defined by guidelines, to a key component of organizational design. Risk and Security are revisited through a lens that combines organizational theories and management, the whole seen from the perspective of a framework that enriches the design phase with new tasks to ensure that the resulting information system complies not only with security, but also other requirements.
Organizational theories related to risk can provide considerable support to both the concept and the practice of security, and this is meticulously explored in the book, hopefully encouraging other academic analyses of aspects that, thanks to the widespread use of technology that affects us all regardless of time or place, play a key role in our daily life.
The book further rewards us by extending the concept and definition of risk well beyond the realm of information systems to also encompass human resources, assigning critical importance to the latter when it comes to building a well-protected information system.
The book marries the practical and theoretical aspects with a skill that makes it a valuable aid to both research and practice.
Maurizio Cavallari is adjunct professor at Università Cattolica's Faculty of Banking, Finance and Insurance Sciences and Faculty of Economics. A teacher of Information Systems for many years, he has actively participated in a number of research projects, including some funded by the European Union. He is currently a member of the LSI-SIN (Legal and Security Issues-Special Interest Network) group in Brussels (part of the EU CEPIS agency) and an advisor on Information Technology and Organization, the field he teaches.
(The Purpose; The Methodology; Philosophical Perspective; The Theory Baseline; Qualitative and Quantitative Methods)
Risk and Security: Subtle Definitions
(Risk; Sharing Very High Risks; A Significant Exemplification; The Organization of Risk)
Rationality and Human Action
(Intro; An Actual Paradigm Delving Into the Past; A Critique of the Paradigm)
Rational Action and Sociology
(The Awareness; Sociology and Rationality)
The Organizational Issues of the Human Factor
(Definition; The Concept; Human-Machine Interaction; Management of Human Errors; Human Error and Accident Management; The HERMES Conceptualization; Human-Machine Systems' Models; Classification of the Human Factor; A Comparison Proposal; The Social Side of the Study; Other Approaches; Root Cause Analysis (RCA); Human Reliability; Regular Audits within the Organization)
Policy and Rational Action
(The Basic Concept; The Actors and the Rules; The Resources and the Policies; Risk, Culture and Organization; Grid and Group Analysis; Risk and Interference; Risk and Views; Facts and Reality; Organization and Uncertainty; Rationality and Social Meaning)
Risk and Competitive Environment
(The General Problem; Cooperation, Organization and Risk; Context and Organization; Social Ties and Risk)
Information Systems, Cooperation Work and Security
(Cooperative Work; Design; Specifications; Computer Supported Cooperative Working and Design; CSCW Analysis; Organizational Conclusion about CSCW)
Information Systems, Human Factor and Security
(Human Interaction and IS Security; Organizations and Security Options)