Accesso libero

Process security methods and measurement in the context of standard management systems

Agnes Kemendi
Agnes Kemendi
 e 
Pal Michelberger
Pal Michelberger
   | 18 lug 2024
Engineering Management in Production and Services's Cover Image
INFORMAZIONI SU QUESTO ARTICOLO
Articolo precedente
Articolo Successivo
Cita
Pubblicato online: 18 lug 2024
Pagine: 148 - 165
Ricevuto: 01 ott 2023
Accettato: 15 mar 2024
DOI: https://doi.org/10.2478/emj-2024-0019
Parole chiave
© 2024 Agnes Kemendi et al., published by Sciendo
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Alolah, T., Stewart, R. A., Panuwatwanich, K., & Mohamed, S. (2014). Determining the causal relationships among balanced scorecard perspectives on school safety performance: Case of Saudi Arabia. Accident Analysis & Prevention, 68, 57-74. Search in Google Scholar

Amer, F., Hammoud, S., Khatatbeh, H., Lohner, S., Boncz, I., & Endrei, D. (2022). The deployment of balanced scorecard in health care organisations: is it beneficial? A systematic review. BMC Health Services Research, 22(1), 1-14. Search in Google Scholar

Anthony, R. N. (1965). Planning and control systems: a framework for analysis. Boston: Harvard Business School. Search in Google Scholar

Arsenault, B. (2023). Your Biggest Cybersecurity Risks Could Be Inside Your Organisation. Harvard Business Review. Retrieved from https://hbr.org/2023/03/your-biggest-cybersecurity-risks-could-be-inside-your-organisation Search in Google Scholar

Azour, F., Moussami, H. E., Dahbi, S., & Ezzine, L. (2017). Integration of health and safety at work and environment perspectives in the balanced scorecard. Proceedings of the International Conference on Industrial Engineering and Operations Management Rabat Morocco, 1113-1121. Search in Google Scholar

Badreddine, A., Romdhane, T. B., & Amor, N. B. (2009). A New Process-Based Approach for Implementing an Integrated Management System: Quality, Security, Environment. International Multi-Conference of Engineers and Computer Scientists, 1742-1747. Search in Google Scholar

Bakhtina, M., Matulevičius, R., & Seeba, M. (2023). Tool-supported method for privacy analysis of a business process model, Journal of Information Security and Applications, 76. doi: 10.1016/j.jisa.2023.103525 Search in Google Scholar

Beheshti, A. R., Kamali, K., Arghami, S., & Mohammadi, A. (2018). Assessing the Performance of the Health, Safety and Environment Management System (HSE) using the Modified Balanced Scorecard Model. Journal of Iranian Medical Council, 1(2), 87-95. Search in Google Scholar

Čiutienė, R., Čiarnienė, R., & Gaidelys, V. (2022). Safety and Health at the Workplace in the Context of COVID-19: The Case of a Dental Clinic. Engineering Management in Production and Services,14(2), 95-105. doi: 10.2478/emj-2022-0019 Search in Google Scholar

Corrales-Estrada, A. M., Gómez-Santos, L. L., Bernal-Torres, C. A., & Rodriguez-López, J. E. (2021). Sustainability and Resilience Organisational Capabilities to Enhance Business Continuity Management: A Literature Review. Sustainability, 13(15), 8196. doi: 10.3390/su13158196 Search in Google Scholar

Daubner, L., Macak, M., Matulevičius, R., Buhnova, B., Maksović, S., & Pitner, T. (2023). Addressing insider attacks via forensic-ready risk management, Journal of Information Security and Applications, 73. doi: 10.1016/j.jisa.2023.103433 Search in Google Scholar

Davis, R. (2008). Aris Design Platform (Advanced Process Modelling and Administration). Springer London Ltd. Search in Google Scholar

Disterer, G. (2013). ISO/IEC 27000, 27001 and 27002 for information security management. Journal of Information Security, 4(2), 92-100. doi: 10.4236/jis.2013.42011 Search in Google Scholar

ENISA. (2006). Risk Management – Principles and Inventories for Risk Management/Risk Assessment methods and tools. Trusted Business Partners Technical Department of ENISA Section Risk Management ENISA. Search in Google Scholar

Erazo-Chamorro, V. C., Arciniega-Rocha, R. P., Nagy, R., Babos, T., & Szabo, Gy. (2022). Safety Workplace: The Prevention of Industrial Security Risk Factors. Applied Sciences, 12(21). doi: 10.3390/app122110726 Search in Google Scholar

European Union. (2022). Country profiles EU-27. Retrieved from https://european-union.europa.eu/principles-countries-history/country-profiles_en Search in Google Scholar

Fatkieva, R., & Krupina, A. (2020). Enterprise Information Security Assessment Using Balanced Scorecard. Advances in Automation: Proceedings of the International Russian Automation Conference, RusAutoCon 2019, September 8-14, 2019, Sochi, Russia, 1147-1157. Search in Google Scholar

Fiore, A. P., Facin, A. L. F., & Muniz, J. Jr. (2023). Information security and quality management systems integration: challenges and critical factors. International Journal for Quality Research, 17(3), 635-650. Search in Google Scholar

Giannopoulos, G., Holt, A., Khansalar, E., & Cleanthous, S. (2013). The use of the balanced scorecard in small companies. International Journal of Business and Management, 8(14), 1-22. doi: 10.5539/ijbm. v8n14p1 Search in Google Scholar

Graneheim, U. H., Lindgren, B. M., & Lundman, B. (2017). Methodological challenges in qualitative content analysis: A discussion paper. Nurse Education Today, 56, 29-34. Search in Google Scholar

Hammer, M., & Champy, J. (1993). Reengineering the Corporation: A Manifesto for Business Revolution. HarperBusiness. doi: 10.1016/S0007-6813(05)80064-3 Search in Google Scholar

Herath, T. C., Herath, H. S., & Cullum, D. (2023). An information security performance measurement tool for senior managers: Balanced scorecard integration for security governance and control frameworks. Information Systems Frontiers, 25(2), 681-721. https://isotc.iso.org/livelink/livelink/fetch/-8853493/8853511/8853520/18808772/0 Search in Google Scholar

Humphreys, E. (2011). Information security management system standards. Datenschutz und Datensicherheit – DuD, 35(1), 7-11. doi: 10.1007/s11623-011-0004-3 Search in Google Scholar

International Organisation for Standardization (ISO). Management System Standards. Retrieved from https://www.iso.org/management-system-standards.html Search in Google Scholar

ISO 14001:2015. Environmental management systems — Requirements with guidance for use. Search in Google Scholar

ISO 22301:2019. Security and resilience — Business continuity management systems — Requirements. Search in Google Scholar

ISO 28000:2022. Security and resilience — Security management systems — Requirements. Search in Google Scholar

ISO 28001:2007. Security management systems for the supply chain — Best practices for implementing supply chain security, assessments and plans — Requirements and guidance. Search in Google Scholar

ISO 31000:2018. Risk management — Guidelines. Search in Google Scholar

ISO 37001:2016. Anti-bribery management systems — Requirements with guidance for use. Search in Google Scholar

ISO 45001:2018. Occupational health and safety management systems — Requirements with guidance for use. Search in Google Scholar

ISO 50001:2018. Energy management systems — Requirements with guidance for use. Search in Google Scholar

ISO 9001:2015. Quality management systems — Requirements. Search in Google Scholar

ISO Survey of certifications to management system standards – Full results. Retrieved from https://isotc.iso.org/livelink/livelink?func=ll&objId=18808772&objAction=browse&viewType=1 Search in Google Scholar

ISO. (2019). ISO 9001: 2015 How to use it. International Organisation for Standardization. Retrieved from https://www.iso.org/files/live/sites/isoorg/files/store/en/PUB100373.pdf Search in Google Scholar

ISO. (2021). The ISO Survey of Management System Standard Certifications – 2020 – Explanatory Note. International Organisation for Standardization. Retrieved from Search in Google Scholar

ISO/IEC 20000-1:2018. Information technology — Service management — Part 1: Service management system requirements. Search in Google Scholar

ISO/IEC 27001:2013. Information technology — Security techniques — Information security management systems — Requirements. Search in Google Scholar

ISO/IEC 27001:2013/Cor 1:2014. Information technology — Security techniques — Information security management systems — Requirements — Technical Corrigendum 1. Search in Google Scholar

ISO/IEC 27001:2013/Cor 2:2015. Information technology — Security techniques — Information security management systems — Requirements — Technical Corrigendum 2. Search in Google Scholar

ISO/IEC 27001:2022. Information security, cybersecurity and privacy protection Information security management systems Requirements. Search in Google Scholar

ISO/IEC 27005:2022. Information security, cybersecurity and privacy protection Guidance on managing information security risks. Search in Google Scholar

Kaplan, R. S., & Norton, D. P. (1992). The balanced scorecard: measures that drive performance. Harvard Business Review, 70(1), 71-79. Search in Google Scholar

Kaplan, R. S., & Norton, D. P. (1993). Putting the balanced scorecard to work. Harvard Business Review, 71(5), 134-147. Search in Google Scholar

Keen, R. (2022). Benefits of and Environmental Management System. Retrieved from https://www.iso-9001-checklist.co.uk/ISO-14001/benefits-of-an-environmental-management-system.htm Search in Google Scholar

Kemendi, A. (2022). The safety-net – the safety network of controls [A biztonság hálózata - a kontrollok biztonsági hálózata]. Current Social and Economic Processes [Jelenkori Társadalmi és Gazdasági Folyamatok], 17(1-2), 77-90. doi: 10.14232/jtgf.2022.1-2.77-90 Search in Google Scholar

Kemendi, A., Michelberger, P.; & Mesjasz-Lech, A. (2021). ICT security in businesses – efficiency analysis, Entrepreneurship and Sustainability Issues, 9(1), 123-149. doi: 10.9770/jesi.2021.9.1(8) Search in Google Scholar

Kern, S., Baumer, T., Groll, S., Fuchs, L., & Pernul, G. (2022). Optimization of Access Control Policies. Journal of Information Security and Applications, 70. doi: 10.1016/j.jisa.2022.103301 Search in Google Scholar

Kilpatrick, J. (2003). Lean principles. Utah Manufacturing Extension Partnership, 68(1), 1-5. Search in Google Scholar

Kitsios, F., Chatzidimitriou, E., & Kamariotou, M. (2023). The ISO/IEC 27001 Information Security Management Standard: How to Extract Value from Data in the IT Sector. Sustainability, 15(7), 5828. Search in Google Scholar

Labodová, A. (2004). Implementing integrated management systems using a risk analysis based approach. Journal of Cleaner Production, 12(6), 571-580. doi: 10.1016/j. jclepro.2003.08.008 Search in Google Scholar

Lin, W. C., & Cheng, H. H. (2021). Improving maritime safety through enhancing marine process management: The application of balanced scorecard. Management Decision, 59(3), 604-615. Search in Google Scholar

Lindgren, B.-M., Lundman, B., Graneheim, U. H. (2020). Abstraction and interpretation during the qualitative content analysis process. International Journal of Nursing Studies, 108. doi: 10.1016/j.ijnurstu.2020.103632 Search in Google Scholar

Madsen, D. Ø., & Stenheim, T. (2015). The Balanced Scorecard: A Review of Five Research Areas. American Journal of Management, 15(2), 24-41. Search in Google Scholar

Malina, M. A., & Selto, F. H. (2001). Communicating and Controlling Strategy: An Empirical Study of the Effectiveness of the Balanced Scorecard. SSRN. doi: 10.2139/ssrn.278939 Search in Google Scholar

Mearns, K., & Ivar Håvold, J. (2003). Occupational health and safety and the balanced scorecard. The TQM Magazine, 15(6), 408-423. Search in Google Scholar

Mendes, Jr., De Jesus Alvares, I., & Alves, M. D. C. (2023). The balanced scorecard in the education sector: A literature review. Cogent Education, 10(1), 2160120. Search in Google Scholar

Michelberger, P. (2014). Risk Management for Business Trust. In: Michelberger, P. (Ed.) MEB 2014: Management. Enterprise and Benchmarking in the 21st Century (pp. 401-413). Budapest, Hungary: Óbuda University. Search in Google Scholar

Michelberger, P., & Kemendi, A. (2020). Data, information and IT security – software support for security activities. Problems of Management in the 21st Century, 15(2), 108-124. doi: 10.33225/pmc/20.15.108 Search in Google Scholar

Mohamed, S. (2003). Adaptation of the balanced scorecard to measure organisational safety culture. Journal of Construction Research, 4(01), 45-57. Search in Google Scholar

O’Neill, P., & Sohal, A. S. (1999). Business Process Reengineering A review of recent literature. Technovation, 19 (9), 571-581. doi: 10.1016/S0166-4972(99)00059-0 Search in Google Scholar

Peters, D. H., Noor, A. A., Singh, L. P., Kakar, F. K., Hansen, P. M., & Burnham, G. (2007). A balanced scorecard for health services in Afghanistan. Bulletin of the world Health Organisation, 85(2), 146-151. Search in Google Scholar

Porter, M. E. (1985). Competitive Advantage Creating and Sustaining Superior Performance. New York, USA: Free Press. Search in Google Scholar

Saint-Germain, R. (2005). Information security management best practice based on ISO/IEC 17799. Information Management Journal – Prairie Village, 39(4), 60. Search in Google Scholar

Strauss, E., & Zecher, Ch. (2013). Management Control Systems: A Review, Journal of Management Control, 23, 233-268. doi: 10.1007/s00187-012-0158-7 Search in Google Scholar

Swuste, P., Theunissen, J., Schmitz, P., Reniers, G, & Blokland, P. (2016). Process safety indicators, a review of literature. Journal of Loss Prevention in the Process Industries, 40, 162-173. doi: 10.1016/j. jlp.2015.12.020 Search in Google Scholar

Tallau, L. J., Gupta, M., & Sharman, R. (2010). Information security investment decisions: evaluating the balanced scorecard method. International Journal of Business Information Systems, 5(1), 34-57. Search in Google Scholar

Tawse, A., & Tabesh, P. (2023). Thirty years with the balanced scorecard: What we have learned. Business Horizons, 66(1), 123-132. Search in Google Scholar

Tworek, K. (2023). IT reliability as a source of sustainability for organisations operating during the COVID-19 pandemic. Engineering Management in Production and Services,15(1) 29-40. doi: 10.2478/emj-2023-0003 Search in Google Scholar

Ulewicz, R., & Kucęba, R. (2016). Identification of problems of implementation of Lean concept in the SME sector. Engineering Management in Production and Services, 8(1) 2016, doi: 10.1515/emj-2016-0002 Search in Google Scholar

van der Aalst, W. M. P., La Rosa, M. & Santoro, F. M. (2016). Business Process Management: Don’t Forget to Improve the Process!. Business and Information Systems Engineering, 58(1), doi: 10.1007/s12599-015-0409-x Search in Google Scholar

van Zadelhogg, M. (2016). The Biggest Cybersecurity Threats Are Inside Your Company. Harvard Business Review. Retrieved from https://hbr.org/2016/09/the-biggest-cybersecurity-threats-are-inside-your-company Search in Google Scholar

Wallace, T. F., Kremzar, M. H., & Kremzar, M. (2001). Erp – Making It Happen; The Implementers’ Guide to Success with Enterprise Resource Planning. John Wiley & Sons. Search in Google Scholar

Wolter, C., Menzel, M., Schaad, A., Miseldine, P., & Meinel, C. (2009). Model-driven business process security requirement specification. Journal of Systems Architecture, 55, 211-222. doi: 10.1016/j.sysarc.2008.10.002 Search in Google Scholar

eISSN:
2543-912X
Lingua:
Inglese
Frequenza di pubblicazione:
4 volte all'anno
Argomenti della rivista:
Business and Economics, Business Management, Industries, Transportation, Logistics, Air Traffic, Shipping, Engineering, Mechanical Engineering, Production Technology, Process Engineering and Industrial Engineering
Feed RSS della rivista