Wednesday, August 26, 2020

Analysis Of Human Cultural Identity

The point of this paper is to incorporate examination of human social personality, see the accompanying five authentic and social periods: illumination; Greek and Roman culture; Jewish - Christian culture; Renaissance - Reform culture ; And industrialization - innovator culture. It additionally represents the connection between away from of every period and the social time. The social personality of illumination can be portrayed as the likelihood to accentuate human reasons. This thought can be clarified by models like Thomas Jefferson, Dennis Diderot, Protestant. The connection among culture and science gives the premise to understanding social personality. An approach to give significance as a unit of mental science for combination and examination to every individual 's physiological state. Human fundamental physiological needs - food, sexual orientation, shirking of agony and so on - are a piece of a reasonable model of social character. Different parts incorporate things that touch social request. With this degree of psychosocial incorporation, widespread requirements are guided and sorted out by culture. Feeling, acknowledgment, acknowledgment, attribution, personality, association and need of cooperation with others are dynamic and can be distinguished through culture. For instance, in light of the near state, it unmistakably shows that social incorporation and psychosocial coordination cross. The point of this paper is to incorporate investigation of human social personality, see the accompanying five recorded and social periods: edification; Greek and Roman culture; Jewish - Christian culture; Renaissance - Reform culture ; And industrialization - innovator culture. It likewise outlines the connection between away from of every period and the social time. The social personality of illumination can be depicted as the likelihood to stress human reasons. - Separating individuals' way of life from the world and all that it gives. A few people believe this is on the grounds that they don't care for the course of the world. Others accept that society won't acknowledge the individuals they need to turn into. Be that as it may, now and again, the explanation is as basic as religion. Amish is an ideal case of customary culture and has over 300 years history in the United States.

Saturday, August 22, 2020

Positioning Strategy of Grameen Phone

Situating Strategy By making item, administration, station, individuals and picture separation Grameenphone arrive at the purchaser contact point all the more successfully and effectively in contrasting and their rivals in the exceptionally serious media transmission division. 1. Item Differentiation: Network (best, quality): Grameenphone has the biggest system with the most stretched out inclusion around the nation, bringing 98 percent of the populace under the inclusion of its system. The whole Grameenphone arrange is additionally EDGE/GPRS empowered, permitting GP endorsers of access the Internet from anyplace inside its inclusion area.The 10,000 Base Stations are situated in around 5,700 destinations around the nation. The organization has so far contributed more than BDT 10,700 crore (USD 1. 6 billion) to manufacture the system foundation since its commencement in 1997. It has contributed over BDT 3,100 crore (USD 450 million) during the initial seventy five percent of the prese nt year while BDT 2,100 crore (USD 310 million) was put resources into 2006 alone. Grameenphone is executing a forceful turn out program by putting in new system components with an accentuation on keeping up quality service.A number of steps are being taken to recognize the issues spots in the system so as to continually improve quality. Extraordinary endeavors are being taken to continually screen and guarantee arrange quality in the urban regions. In Dhaka and other significant urban communities in-building inclusion arrangements and microcells have been conveyed to give improved inclusion in significant tall structures and occupied road intersections. 2. Administration Differentiation: Business Solutions is a finished, quality business interchanges administration from Grameenphone †planned particularly for the business network in Bangladesh.Their Business Solutions groups are here to help furnish their clients with tweaked media communications arrangements through discussion with their clients. Informing Services GrameenPhone have different informing administrations permit the clients approaches to convey more intelligent, quicker, more proficiently and more expense viably in a hurry. SMS (Short Message Service): Fast and reasonable informing through SMS. Send a SMS to any cell phone in Bangladesh and to in excess of 115 nations with their global SMS administration. Voice SMS: Save time and customize message through a voice SMS.This administration gives the adaptability to record it as long as 120 seconds of sound †MMS (mixed media informing): The MMS administration furnishes to take pictures redo it with movement, music, video cuts and send it over the globe in practically no time. Cell email: Send messages without a PC. With cell email, Customers have the offices to email any GP number through a SMS and email any PC over the globe. SMS Banking: Enjoy bother free record refreshes from eminent banks like Standard Chartered Bank, BRAC Bank, Bank As ia, and so forth. Client ServicesGP endeavor to deal with their clients all broadcast communications needs. Key Account Managers and Customer Service Managers are doled out to give organized support of Business Solutions subscriber’s directly from the earliest starting point of the relationship. Need Service GP have confidence in the significance of human touch in the business world. As they step into third year of giving inventive correspondence arrangements, Business Solutions plans to give upgraded need administrations. Organized Hotline 121 Enjoy organized client assistance by essentially dialing 121.Dedicated clients care supervisors are accessible nonstop, 24 hours every day and 7 days per week just to serve. Business Solutions postpaid supporters can call 121 completely liberated from cost. Worth Added Services Take client business higher than ever. Business Solutions pioneers in presenting best in class Value Added Service to help. Missed Call Alert Missed Call Alert and get SMS notice of the endeavored cancel when telephone was. To buy in the administration, type on and send to 6222. Stock Information The most recent updates of the Dhaka and Chittagong Stock Exchange are currently in buyer palm.To profit this administration, go to GP WORLD (wap. gpworld. com), at that point Business City, and download the Bull application. 4. Channel Differentiation GP increase upper hand through the manner in which they plan their channels inclusion aptitude and execution. 3. Individuals Differentiation: Almost a large portion of the all out number of workers of GrameenPhone Ltd. today (Tuesday), partook in the organization's greatest client care program to date. â€Å"This client assistance battle follows up on the â€Å"Stay Close† guarantee from GrameenPhone.As a mindful organization, GrameenPhone values its endorsers, remains by them and deals with them when they need help,† clarified GrameenPhone CEO Anders Jensen. Supervisory crew drove by, more than 2000 workers, speaking to the greater part of the useful divisions and all the provincial workplaces of GrameenPhone, went through the day connecting with the clients in 124 well known neighborhood and significant open places the nation over. The reason for existing was to collaborate with the clients, help them in unraveling their cell phone related questions, and show Grameenphone's dedication as an accommodating and client situated organization. . Picture Differentiation GrameenPhone logo separates from different organizations. Therefore client effectively distinguish them in the market, which is another successful upper hands for GrameenPhone. Situating Statement: Company and Brand Positioning ought to be summarized in a situating articulation. GrameenPhone situating articulation is â€Å"Stay Close† which clarify that client can without much of a stretch express their feeling with their nearby family members and companions through utilizing GrameenPhone.

Friday, August 21, 2020

Success depends upon maturity!

Success depends upon maturity! Maturity is many things. It is the ability to base a judgment on the big picture, the long haul.It means being able to resist the urge for immediate gratification and opt for the course of action that will pay off later.One of the characteristics of the young is I want it now. Grown-up people can wait.Maturity is perseverancethe ability to sweat out a project or a situation, in spite of heavy opposition and discouraging setbacks, and stick with it until it is finished.The adult who is constantly changing friends and changing mates is immature. He/she cannot stick it out because he/she has not grown up.Maturity is the ability to control anger and settle differences without violence or destruction. The mature person can face unpleasantness, frustration, discomfort and defeat without collapsing or complaining. He/she knows he cannot have everything his/her own way every time. He/she is able to defer to circumstances, to other people-and to time. He/she knows when to compromise and is n ot too proud to do so.Maturity is humility. It is being big enough to say, I was wrong. And, when he/she is right, the mature person need not experience the satisfaction of saying, I told you so.Maturity is the ability to live up to your responsibilities, and this means being dependable. It means keeping your word. Dependability is the hallmark of integrity. Do you mean what you say-and do you say what you mean? Unfortunately, the world is filled with people who cannot be counted on. When you need them most, they are among the missing. They never seem to come through in the clutches. They break promises and substitute alibis for performance. They show up late or not at all. They are confused and disorganized. Their lives are a chaotic maze of broken promises, former friends, unfinished business and good intentions that somehow never materialize. They are always a day late and a dollar short.Ann LandersMaturity is the ability to make a decision and stand by it. Immature people spend their lives exploring endless possibilities and then doing nothing. Action requires courage. Without courage, little is accomplished.Maturity is the ability to harness your abilities and your energies and do more than is expected. The mature person refuses to settle for mediocrity. He/she would rather aim high and miss the mark than low-and make it.Maturity is the art of living in peace with that which cannot be changed, the courage to change that which should be changed, no matter what it takes, and the wisdom to know the difference.By Ann landers

Sunday, May 24, 2020

Family Resiliency From Adversity - Free Essay Example

Sample details Pages: 2 Words: 671 Downloads: 6 Date added: 2019/02/15 Category Society Essay Level High school Tags: Family Essay Did you like this example? I believe society would greatly benefit from resources that would support resilience of adversity when overcoming unstable environments. In the news we see a lot about the Migrant Caravan and how the United States government is unwilling to provide refuge for these people who are in need. While the United States and the Honduran governments differ in resources and conditions, their willingness to help people who are seeking refuge is the same rejection. Don’t waste time! Our writers will create an original "Family Resiliency From Adversity" essay for you Create order I wish I knew what the solution would help satisfy all the people involved in this predicament. It is an emotional topic for me to discuss the military involvement because I am an Army veteran, I know what it is like to be given orders that I do not comply with. The racism and discrimination families of not only the immigrants but even the law enforcement, military and civilian by standers in that environment will be impacted. Ann S. Masten states how resiliency is not something that can be defined objectively because it is influenced by historical and sociocultural context. Highlighting cultural expectations and the environment as contributing factors of adaptive characteristics of individuals. Resiliency varies among cultures and experience, while it may be in some peoples favor to seek haven and leave everything behind to move forward, others would rather stay no matter what the conditions may be and stay strong throughout the struggle. There are many factors to account for when considering resiliency. Factors including who is involved, such as children, family, financial resources, and emotional states. Optimal resiliency would be positive and will empower an individual enough to overcome adversity. For example, taking into consideration migrating family’s risk of premigration traumas occurring in the home country, traumas in route to the new country, and the often-hostile environment in the new country (Torres, 2018). Torres research highlights the negative health related implications these traumas have on an immigrants physical and mental state rooting from government policies and practices. Experiences with trauma shape children especially, they see the world as a bad place that does not help their family. These personality traits develop their susceptibility or protective in?uence, the physical or sociocultural value and meaning of traits (Masten, 2014). These negative experiences are what lead to maladaptive characteristics like sexual and drug abuse. Those bad habits are what resiliency in an individual could help them overcome. While international agencies are investing in resources to promote healthy development and resilience, is it enough? It is heartbreaking to know the horrors that are occurring from the California fires, people disappearing, being found dead, losing their homes, and the families who travelled thousands of miles, who would put their life in danger to just try to find refuge. Our society needs resources and the awareness that will help society cope. â€Å"There is a need for more knowledge about risk and protective processes and how to prepare for speci?c threats to human development (Masten, 2014).† Reformed policies can facilitate migration and decrease the traumas that individuals and families experience. I don’t believe in pressing people to be religious, but it is something that has help me personally. I think now is the time religion can be a good coping mechanism for those who do believe in hope for a better future. I believe it is important for society to be resilient and develop positive coping mechanisms in preparation for natural disaster, family separation, violence and many other dangerous situations. I focus on migrating families because it is something that has affected my family directly. I understand that things won’t get better until there are reformed policies that will be implemented but I know I can raise awareness through social media. References Masten, A. S. (2014). Global perspectives on resilience in children and youth. Child Development, 85(1), 6–20. https://doi-org.mimas.calstatela.edu/10.1111/cdev.12205 Torres, S. A., Santiago, C. D., Walts, K. K., Richards, M. H. (2018). Immigration policy, practices, and procedures: The impact on the mental health of Mexican and Central American youth and families. American Psychologist, 73(7), 843–854. https://doi-org.mimas.calstatela.edu/10.1037/amp0000184

Wednesday, May 13, 2020

My Photography Goal of Capturing Oppression, Personal...

This family is mourning the loss of a loved one in Uruguay. The photographer captured the moment of sadness for this family and shows the essence that everyone feels at some point in their life. The father has fallen to his knees in sadness and loss of body control for his lost wife. The children pray for their losses as they see their father lose his composure. I am going to travel the world and develop my personal imagination in my ability to portray my feelings through photography. I have always had a fascination with photography and would like to bring my skills of photography to the point I can portray my thoughts to others. I would like to travel the world in order to be open to sights, sounds, touch, and emotions that I am conveyed†¦show more content†¦Their decision came out of a hope it would be easier for me to deal with. I was holding her in my arms as the doctor placed the liquid into her IV. This was a horrible pain I hope that all those that dont care about an imals could feel to feel the life leave from a deeply loved pet. I believe my 16yr lifelong companion left this world to heaven. She was more than a pet she was a family member. Photography will allow me to display the amount of affection that is between a person and their pet. I could attempt to capture this loving bond throughout my travels around the world. My second pet lost happened two weeks ago now, she was a Siamese cat. She was always more of my sister cat as she passed away in her arms. My sister would never let her have bad care she took her to Boston from Virginia for these past two years. She was eighteen and died naturally. I am still trying to comprehend the news of this event as it is hard to accept that a loved one is gone even if the loved one is just a cat. With photography I will show others that have this emotional attachment to their pets and cannot let them leave their side. I will prove that animals are more than just animals and that they are family members and deserve care. I have struggled through many depressions in my life not knowing the current condition of my mother and not wanting to know. During my last summer at home my mom’s condition worsened she

Wednesday, May 6, 2020

The Number One Article on Optional Practical Training Essay Samples

The Number One Article on Optional Practical Training Essay Samples The absolute latest you may apply for OPT is 60 days following your program end date. Even if you just use a couple of months and then return to school, you CANNOT recover the rest of the months of OPT and use them at a subsequent date. Part-time employment is 20 hours each week or less. All students on post-completion OPT are expected to report any of the subsequent changes within 10 days of the first shift. Another reason could possibly be that different aged samples were used, like a baby plant that might get a greater absorbance in comparison to an aging plant. Sadly, this line is practically always busy. So How About Optional Practical Training Essay Samples? There are a few special circumstances where you're able to be a part-time student. It's possible for you to work with several organizations, so long as each position is directly linked to your main area of study. You don't need to get a job offer prior to applying for optional practical training. A job offer isn't required to be qualified to make an application for optional practical training. The student's proposed employment is related to the student's major subject of study. Thus, for example, a student can do OPT for their undergraduate degree (if done in the USA) and then again for their graduate degree (if done in america). He has not used all of the practical training available at the current level of study. Students that are unsure whether their activities may be considered cheating are encouraged to talk to their instructor. A standard small business report follows the exact format. More research should be carried out. Part-time practical training is going to be deducted at one-half the full-time speed. You should also have a great understanding of a report structure. Top Optional Practical Training Essay Samples Secrets In this instance, it's possible to either attempt to enter without it, which can be risky and OIS doesn't advise you to achieve that. For instance, if you participated in 10 months of pre-completion OPT, you'd be eligible for only as m uch as two months of post-completion OPT. The requested start date can't change once the OPT application was mailed. You're going to be notified while the letter is prepared to be picked up. If you decide to travel, please note IPS can't help facilitate your re-entry if it's denied. The optional essay may also demonstrate that you're seriously interested in attending a specific law school. Doing this will permit you to be more acquainted with the typical content and basic formats which are usually seen in an academic essay. The same is applicable to top essay writers. If you would like to make an academic essay that's both outstanding and relevant, always place the items that we've discussed above in mind. It's a motorized version of the standard rickshaw or velotaxi, a tiny three-wheeled cart driven by somebody. Since academic essays are popular in the business of education and research, you should make sure your writing is both logical, interesting and informative. An academic essay always must be relevant. Your academic essay should evoke an emotion that is needed to spark different ideas, opinions and other sorts of responses. Always keep in mind that it should be playful it must not bore your audience. Optional Practical Training Essay Samples: No Longer a Mystery You can also take a look at financial report examples 10. Reports are thought to be one the best approaches to relay an info. You can also see sample activity reports It is a list of folks who sponsor or assist you in producing the report. Only provide the needed and relevant data in your report.

Tuesday, May 5, 2020

An Approach to Information Security Management free essay sample

An Approach to Information Security Management Anene L. Nnolim, Annette L. Steenkamp College of Management Lawrence Technological University Abstract This paper reports on part of a doctoral dissertation research project in information security management. The intent of this research is to attempt to determine how information security management could be enhanced as a structured and repeatable management process, and to develop an appropriate architectural framework and methodology that could enable integration of information security management with enterprise life cycle processes. Over the years, the focus of information security has evolved from the physical security of computer centers to securing information technology systems and networks, to securing business information systems. The proliferation of computer networks and the advent of the Internet added another dimension to information security. With the Internet, computers can communicate and share information with other computers outside an organization’s networks and beyond their computer center. This new mode of communication meant that the existing security model was inadequate to meet the threats and challenges inherent in this new technology infrastructure. We will write a custom essay sample on An Approach to Information Security Management or any similar topic specifically for you Do Not WasteYour Time HIRE WRITER Only 13.90 / page A new model of information security management is needed to meet the security challenges presented in this new environment. This has motivated the focal area of this research in information security management. Part of meeting this new challenge could also include the resurrection of risk as an important component of information security management. The results of this research would be important to any organization with a need for a secure business environment. The research results will also be important to individuals responsible for managing information security in their organizations, as well as to senior executives and members of corporate boards of directors, because of their increased statutory responsibilities to secure various types of information in their organizations. From the results of the research so far, the information security management viewpoint calls for a phased approach with iterative process models that include several elements, supporting methods and specific outputs. The viewpoint should also include an integrated process improvement model, with supporting methodology. Currently, the main doctoral research is in the â€Å"demonstration of concept† stage. In this stage, the conceptual model will be validated in terms of the stated research problem. Potential outcomes and value of validation of the research proposition could be an approach to implementing an information security management system. This would include an In Proceedings of the 6th Annual ISOnEworld Conference, April 11-13, 2007, Las Vegas, NV www. isoneworld. org Pg 2-2 information security policy framework, a methodology, and a supporting process model that is regarded as essential to managing information security in the enterprise. Key words: Information security management, information security architecture, security policy, security process improvement, information security viewpoint, risk management. Evolution of Computer Security Strategies Before computer security evolved into the many dimensional fields of today, the primary security focus of most organizations was in providing physical security to their assets. For organizations with early computers, this included securing and protecting data from natural disasters or malicious activities. With the advent of the personal computer, it was inevitable that security objectives would eventually include computer security. Up to the early 1980’s when computers were used simply as business tools to automate business processes, the focus of computer security objective was securing computer centers since most computers were located in computer centers. The security strategy was mainly accomplished through physical security (Vermeulen and Von Solms, 2002). Up to the early 1990’s as computers began to be used throughout the enterprise, the focus of security objective shifted to securing information technology (IT) systems and computer networks. The security strategy this time was accomplished through software that resided on IT systems (Vermeulen and Von Solms, 2002). From the early 2000’s to the present, computers became components of IT systems that supported information as business assets. The focus of security objective was on securing business information systems, and this was accomplished through information security management (Vermeulen and Von Solms, 2002). The proliferation of computer networks and the advent of the Internet added another dimension to information security. With the Internet, computers can communicate and share information with other computers outside an organization’s networks and beyond their computer center. This new mode of communication meant that the existing security model was inadequate to meet the threats and challenges inherent in this new technology infrastructure. A new model of information security management is needed to meet the security challenges presented in this new environment. The objective of the new model would be the protection of business information systems in the enterprise. Securing business information systems also involves some risk. As a result, meeting this new challenge for security management would require that risk management be an important element in information security management. Achieving the objective of this new model requires comprehensive information security management strategies. Purpose and Scope of the Research The intent of this research is to examine information security management in the enterprise. It will attempt to determine how information security management could be enhanced as a structured and repeatable management process. The research also aims to develop an appropriate architectural framework and methodology that could enable integration of information security management with enterprise life cycle processes. In Proceedings of the 6th Annual ISOnEworld Conference, April 11-13, 2007, Las Vegas, NV www. isoneworld. org Pg 2-3 The results of this research would be important to any organization with a need for a secure business environment. The research results will also be important to individuals responsible for managing information security in their organizations, as well as to senior executives and members of corporate boards of directors, because of their increased statutory responsibilities to secure various types of information in their organizations. This dissertation research project will be limited to examining the information security management viewpoint and related views. This includes the process and method for architectural descriptions for the information security management viewpoint, in the context of enterprise security domain. A review of other enterprise security viewpoints may be undertaken, to enable the presentation of research findings in the appropriate context. Problem Statement and Research Question The problem statement for this research is a lack of a comprehensive framework, supporting process model, and methodology that can enable the implementation and management of information security. Related to the problem statement are three research questions. The questions cover important aspects of information security management, i. e. principles, policy framework, integration with enterprise life cycle processes, and its significance to enterprise planning process. The questions are: 1. What are the underlining principles influencing the transition of information security, from a traditional IT environment of managing data and application security, to managing information security as an integrated component of the enterprise business strategy and management process? . How can an enterprise security framework facilitate the effective management of information security? 3. How can information security management become a significant element of the enterprise strategic planning model? Research Proposition This research is based on the following propositions: 1. Enterprise information security can be managed effectively using a frameworkbased approach and supporting methodology . 2. Information security management could be a structured and repeatable management process if a systematic approach is followed to its implementation. Research Design The research approach followed is mixed methods. The strategy of inquiry is concurrent procedures. Concurrent procedures strategy is defined as situations â€Å"†¦ in which In Proceedings of the 6th Annual ISOnEworld Conference, April 11-13, 2007, Las Vegas, NV www. isoneworld. org Pg 2-4 the researcher converges quantitative and qualitative data in order to provide a comprehensive analysis of the research problem† (Creswell, 2003, p. 16). The rationale for selecting mixed methods design is to get a better understanding of the problem identified in this research. The mixed methods would allow for both text and statistical analyses of data, and would permit more flexibility when designing questions for possible interviews, i. e. both open- and closeended questions (Creswell, 2003, p. 17). The knowledge claim position for this research will be pragmatism. Creswell (2003) noted that some of the characteristics of the pragmatism knowledge claims are problemcentered, consequences of actions, real-world practice oriented, and pluralistic (Creswell, 2003, p. 6). These seem to fit well within the scope of this research. The proposed methods of investigation for this research are: a) Continue the literature survey and perform a comprehensive analysis of literature on information security management. b) Develop a conceptual model of a solution to the problems of inadequate information security management. c) Demonstrate the conceptual model by means of an appropriate method, such as an example of how to apply the approach to developing an information security system for the organization. ) Conduct in-depth structured interviews with senior executives in different industries, using a set of questions derived from the conceptual model. The interviews would be limited to senior executives responsible for information security management in their organization. This may include interviews with information security professionals. Research Process In the process model used for this research, the various activities, timelines, and expected deliverables are outlined. The major phases of the research process model are Research Planning (Problem identification, Proposal development), Research (Literature review, Conceptualization of solution), and Research Experiment (Demonstration of concept, Interpretation of findings, Presentation and defense of dissertation) Research Validation Methodology To validate the propositions for this research, it will be necessary to design a demonstration of the concept in the form of an example of how the approach might be implemented within an organization. Validation of the proposition will be done by means of criteria for evaluating validity, reliability, and generalizability of the approach. The results of the research project will be evaluated in terms of: a) Whether they support or refute the research propositions, b) Whether they provide the basis to confirm or reject the conceptual solution, and c) Applicability of the demonstration-of-concept example to the conceptual solution. In Proceedings of the 6th Annual ISOnEworld Conference, April 11-13, 2007, Las Vegas, NV www. isoneworld. org Pg 2-5 Summary of Focal Theory The Open Group (2006) defines a viewpoint, also known as a metaview, as: A specification of the conventions for constructing and using a view. A metaview acts as a pattern or template of the view, from which to develop individual views. A metaview establishes the purpose and audience for a view, the ways in which the view is documented (e. g. for visual modeling), and the ways in which it is used (e. g. for analysis) (The Open Group, 2006, Glossary, p. 8). Various security viewpoints in the enterprise make up an enterprise composite security viewpoint. These are physical security, data security, information security, application security, and infrastructure security viewpoints. Each viewpoint has various additional views. The concept of information security management in the enterprise may be viewed at three main levels, namely strategic, tactical, and operational. These levels correspond to the types of security issues that are of concern to management, including the general nature of expertise required to manage security, at that level (Belsis et al, 2005, p. 93). The distinguishing factors between the domains are strategic (impacts corporate strategy), tactical (regarding the methodologies/practices used to manage security), and operations (installation and operation of security tools and measures) (Belsis et al, 2005, p. 193). In other words, the motivators for security management are that it should be policy-driven (strategic level), guidelines-driven (tactical level), and measures-driven (operational level). It would seem that majority of information security management activities in the past have been focused at the operational level, and very little attention was given to information security management as a continuum at all three-enterprise levels. Slewe and Hoogenboom (2004) alluded to this when they noted â€Å" for security measures the focus is often on logical and technical measures†¦Ã¢â‚¬  (Slewe and Hoogenboom, 2004, p. 60). It can be inferred, then, that information security management has not reached a maturity level that could make it a repeatable management process. This has motivated the focal area of this research, namely information security management in the enterprise. Sample Literature Review The literature review for the research was organized into themes. This facilitated the analysis of literature materials. Examples of these themes include architecture framework, governance, risk management, policy, and standards, etc. A sample of the literature review follows. Eloff and Eloff (2003) proposed that organizations use a holistic approach to information security management, and establish an information security management system. This system would integrate policies, standards, guidelines, code-of-practice, technology, human issues, legal, and ethical issues. This means using a process model approach to manage information security. The authors propose â€Å"process security† and â€Å"product security† in information security management. In â€Å"process security†, the focus would be on planning In Proceedings of the 6th Annual ISOnEworld Conference, April 11-13, 2007, Las Vegas, NV www. isoneworld. org Pg 2-6 and implementing management practices, procedures, and processes to establish and maintain information security. In â€Å"product security†, the focus would be on the use of certified software products in the IT infrastructure in order to establish and maintain information security (Eloff and Eloff, 2003). Doherty, N. F. , and Fulford, H. (2006) discussed the aligning of information security policy with strategic information systems plan (SISP). It would seem that a broader strategy of aligning information security policy with corporate policy strategy might be better in the long run. The argument in support of aligning information security policy with SISP is that it would provide a framework to ensure that systems are developed with security built-in. However, if information security policy is aligned with corporate policy, the same systems development objective could still be accomplished. To comply with security regulations of the Health Insurance Portability and Accountability Act (HIPAA) organizations are required to secure individual identifiable personal information (HIPAA, sub. F, Sec. 261). The security regulations identifies three safeguard standards that must be met by organizations covered under the Act, namely administrative safeguards, physical safeguards, and technical safeguards. Geffert (2004) observed that in the process of complying with this Act, organizations could end up with an effective enterprise risk management system (Geffert, 2004, p. 21). On the other hand, Sarbanes-Oxley Act (2002) does not deal specifically with information security. However, the focus of the act is mostly on corporate governance, i. e. corporate accountability and responsibility of officers of the organization. Botha, J. , and von Solms, R. (2004) presented a theoretical model of business continuity planning methodology that could be generally applied to most businesses, as part of an information security management strategy. Out of the three information security fundamental principles of confidentiality, integrity, and availability, this study maintains that availability tends to assume greater importance than the other two principles in business continuity planning (Botha von Solms 2004, p. 329). Their theoretical model is a sevenphase planning methodology, namely project planning, business impact analysis, business continuity strategies, continuity strategies implementation, continuity training, continuity testing, and continuity plan maintenance (Botha von Solms 2004, p. 31-332). This is similar to that proposed by Heng (1996). However, before most organizations can use this methodology, they would need to first identify their specific organizational properties. These properties become variables in the organization’s business continuity plan. Gerber, M. , and von Solms, R. (2001) attempted to determine the importance of risk analysis in identifying security controls, and whether there are oth er alternative approaches to risk analysis for accomplishing similar goals (Gerber von Solms 2001, p. 577). They identified several factors that influence an organization’s security requirements. These are (a) business requirements for confidentiality, integrity, and integrity, (b) legal, statutory, or regulatory requirements, and (c) risks to the infrastructure. They argue that if the security requirements analysis determines the appropriate security controls, then this alternative analysis is called â€Å"security requirements analysis† (Gerber von Solms 2001, p. 582-583). In Proceedings of the 6th Annual ISOnEworld Conference, April 11-13, 2007, Las Vegas, NV www. soneworld. org Pg 2-7 Stakeholder involvement is an important component of information security management. Tsohou, A. , Karyda, M. , and Kokolakis, S. (2006) examined the potential use of cultural theory as a tool for identifying patterns in stakeholders’ perception of risk, and its effect on information system risk management. They maintain that awareness and training are not the only social factors tha t influence stakeholders’ perception on security threats (Tsohou et al, 2006, p. 198). The fundamental principle of cultural theory is that the way people socially interact encroaches on the systems of symbols they use to understand the world. The study uses this theory, as a foundation framework, to associate social context with information security risks and security management practices (Tsohou et al, 2006, p. 207). Human factors have always had some impact on information security programs in organizations. Besnard and Arief (2004) used a multidisciplinary approach to investigate some of the human factors in computer security. For example, a legitimate user may devise work-arounds if the security control measure that has recently been installed cannot provide good usability to the user. In some cases, legitimate users could unknowingly facilitate attacks from outside the organization. Ultimately, end user responsibility is a key component to improving user behavior in information security. International Standards Organization/International Electrotechnical Commission (ISO/IEC) 17799 (2000) provides procedures and code of practice for information security management in the enterprise. It outlines a general framework that provides a common basis for developing enterprise security standards and effective security management practices. Other independent organizations that may be relevant to information security management include British Standards Institution (BS), Committee of Sponsoring Organizations (COSO) of the Treadway Commission, and International Federation for Information Processing (IFIP) Technical Committee 11. Conceptualization of the Solution The research is still in progress, and the dissertation has not been published. From the results of the research so far, the information security management viewpoint calls for a phased approach with iterative process models that include several elements, supporting methods and specific outputs. The viewpoint should also include an integrated process improvement model, with supporting methodology. Other developments from the research include a meta model with detailed meta primitives, an architecture framework, a security governance structure, and a security management process model. Demonstration of Concept As the research progresses, part of the demonstration of concept stage will include conducting in-depth structured interviews with senior executives in different industries, using a set of questions derived from the conceptual model. The interviews will be limited to senior executives responsible for information security management in their organizations. This process may also include interviews with information security professionals. In Proceedings of the 6th Annual ISOnEworld Conference, April 11-13, 2007, Las Vegas, NV www. isoneworld. org Pg 2-8 Conclusion The potential outcome and value of validation of the research proposition could be an approach to implement an information security management system. This approach would include an architectural framework and methodology, a security policy framework, and a supporting process model that could enable integration of information security management with enterprise life cycle processes. References Belsis, P. , Kokolakis, S. , Kiountouzis, E. (2005), Information systems security from a knowledge management perspective, Information Management Computer Security, Volume 13, Number 3, 189-202. Besnard, D. , Arief, B. (2004), Computer security impaired by legitimate users, Computers Security, Volume 23, 253-264. Botha, J. , von Solms, R. (2004), A cyclic approach to business continuity planning, Information Management Computer Security, Volume 12, Number 4, 328-337. Creswell, J. W. (2003), Research Design: Qualitative, Quantitative, and Mixed Methods Approaches, 2nd. Edition, Sage Publications, London. Doherty, N. F. , Fulford, H. (2006), Aligning information security policy with the strategic information systems plan, Computers Security, Volume 25, 55-63. Heng, G. M. (1996), Developing a suitable business continuity planning methodology, Information Management Computer Security, Volume 4, Number 2, 11-13. Eloff, J. , Eloff, M. (2003), Information security management – a new paradigm, Proceedings of the 2003 annual research conference of the South African Institute of Computer Scientists and Information Technologists on enablement through technology SAICSIT, 130-136. Geffert, B. T. (2004), Incorporating HIPAA security requirements into an enterprise security program, Information Systems Security, November/December, Volume 13, Issue 5, 21-28. Gerber, M. , von Solms, R. (2001), From risk analysis to security requirements, Computers Security, Volume 20, 577-584. ISO/IEC 17799 (2000), Information Technology – Code of Practice for Information Security Management. Sarbanes-Oxley (2002), Sarbanes-Oxley Act of 2002. Slewe, T. , Hoogenboom, M. (2004), Who will rob you on the digital highway? Communications of the ACM, Volume 47, Number 5, May 2004, 56-60. The Open Group (2006), The Open Group Architecture Framework (TOGAF), Version 8. 1, Enterprise Edition The Open Group, San Francisco. Tsohou, A. , Karyda, M. Kokolakis, S. , Kiountouzis, (2006), Formulating information systems risk management strategies through cultural theory, Information Management Computer Security, Volume 14, Number 3, 198-217. Vermeulen, C. , Von Solms, R. (2002), The information security management toolbox – taking the pain out of security management, Information Management and Computer Security, Volume 10, Number 3, 119-125. Anene L. N nolim Anene is a Doctoral Candidate for the degree of Doctor of Management in Information Technology (DMIT) at Lawrence Technological University in Southfield, Michigan. He holds a bachelor’s degree in business from State University of New York, Buffalo, and an In Proceedings of the 6th Annual ISOnEworld Conference, April 11-13, 2007, Las Vegas, NV www. isoneworld. org Pg 2-9 MBA from Stephen F. Austin State University, Nacogdoches, Texas. He has a Human Resources Management Certificate from University of Guelph in Ontario, Canada. He is a certified Project Management Professional (PMP). Currently, he is the principal consultant at InfoTSG, Inc. (www. infotsg. com), an IT services consulting company with interests in business process management and information security management. His professional experience includes several years of management and leadership positions in government, telecommunications, and IT industries in Canada and U. S. He is an Adjunct Professor in business process management at Lawrence Technological University, and On-Line faculty at the University of Phoenix, teaching IT, management, and business courses. Annette Lerine Steenkamp Annette Lerine Steenkamp is Program Director of the Doctoral Program in Management of Information Technology and Professor in Computer and Information Systems in the College of Graduate Management at the Lawrence Technological University, Southfield, Michigan. She holds a PhD in Computer Science, with specialization in Software Engineering. Dr. Steenkamps research interest is in approaches to information technology process improvement, enterprise architecture and knowledge management. Current research is concerned with the application of CMMI in the education sector, redesign of organization processes for mobile technology adoption, knowledge management frameworks, alignment of IT and organization strategies, and systems integration. In Proceedings of the 6th Annual ISOnEworld Conference, April 11-13, 2007, Las Vegas, NV www. isoneworld. org