This article presents the scenario of programming use by architects and engineers,creating their own unique tools.The goal is to emulate and understand the phenomenon of Building Information Modeling(BIM)software cust...This article presents the scenario of programming use by architects and engineers,creating their own unique tools.The goal is to emulate and understand the phenomenon of Building Information Modeling(BIM)software customization by developing plug-ins that can explore the human-environment relationship.Demonstrate the process for building a plugin that seeks to equalize the theory of accessibility technical standards,visually impaired and architects.Use Design Science Research methodologies to guide the construction of artifacts for specific practical problems and the Collaborative Design/Co-design to understand and know the users’expertise.It is argued that the low quality of projects that include elements for the orientation of the visually impaired in Brazil is often related to an unstructured methodology in which important aspects such as the real needs of this group and the human-environment relationship are neglected.展开更多
This paper reports the developed mobile application through the use of advanced technologies such as mobile computing, cloud computing and Global Positioning System (GPS) in order to solve the challenges. The purpose ...This paper reports the developed mobile application through the use of advanced technologies such as mobile computing, cloud computing and Global Positioning System (GPS) in order to solve the challenges. The purpose of this study is to find out how the recent advances and mass adoption of ICT by the public can best be leveraged to enhance the performance of Civil Society Organizations (CSOs) in East Africa. The data collection techniques used are through questionnaires, observations and conducting interviews with different stakeholders in the civil society arena i.e., the donors, the CSOs and the people in society that are given a voice by civil societies. In the system development phase, agile development methodology was used. Analysis of the data collected showed that there is a gap in the availability of a single or a centralized platform which can be easily accessed, user-friendly and reliable where different actors can readily get reliable and up-to-date information about the available CSOs they are interested in. To address this problem, an interactive online directory of CSOs has been developed. The platform is mobile based and enables CSOs to register and fill up their current details, thus ensuring that there is always correct and updated information. The platform is equipped with, among other features, a geo-mapping facility which enables users of the system to correctly geo-locate their civil societies of interest on a map view. The results of system evaluation showed that 88.125% of users were satisfied with the system basing on the evaluation criteria.展开更多
Saudi Arabian banks are deeply concerned about how to effectively monitor and control security threats. In recent years, the country has taken several steps towards restructuring its organizational security and, conse...Saudi Arabian banks are deeply concerned about how to effectively monitor and control security threats. In recent years, the country has taken several steps towards restructuring its organizational security and, consequently, protecting financial institutions and their clients. However, there are still several challenges left to be addressed. Accordingly, this article aims to address this problem by proposing an abstract framework based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework and International Organization for Standardization/International Electrotechnical Commission (ISO/IEC 27001). The framework proposed in this paper considers the following factors involved in the security policy of Saudi banks: safety, Saudi information bank, operations and security of Saudi banks, Saudi banks’ supplier relationships, risk assessment, risk mitigation, monitoring and detection, incident response, Saudi banks’ business continuity, compliance, education, and awareness about all factors contributing to the framework implementation. This way, the proposed framework provides a comprehensive, unified approach to managing bank security threats. Not only does the proposed framework provide effective guidance on how to identify, assess, and mitigate security threats, but it also instructs how to develop policy and procedure documents relating to security issues.展开更多
Security risk assessment refers to the process of identifying, analyzing, and evaluating potential security risks for an organization. An organization’s assets, personnel, and operations are protected through it as p...Security risk assessment refers to the process of identifying, analyzing, and evaluating potential security risks for an organization. An organization’s assets, personnel, and operations are protected through it as part of a comprehensive security program. Various security assessments models have been published in the literature to protect the Saudi organization’s assets, personnel, and operations. However, these models are redundant and were developed for specific purposes. Hence, the comprehensive security risk assessment model used to safeguard Saudi organizations’ assets, personnel, and operations is still omitted. Using a design science methodology, the objective of this study is to develop a comprehensive security risk assessment model called CSRAM to assess security risks in Saudi Arabian organizations based on the International Organization for Standardization and the International Electrotechnical Commission/Information security risk management (ISO/IEC 27005 ISRM) standard. CSRAM is made up of six stages: threat identification, vulnerability assessment, risk analysis, risk evaluation, risk treatment, and monitoring and review of the risk. The stages have many activities and tasks that need to be accomplished at each stage. Based on the results of the validation of the completeness of the CSRAM, we can say that the CSRAM covers the whole ISO/IEC 27005 ISRM standard, and it is complete.展开更多
基金financed in part by the Coordenacao de Aperfeicoamento de Pessoal de Nivel Superior-Brasil(CAPES)-Finance Code 001 and National Council for Scientific and Technological Development-CNPq.
文摘This article presents the scenario of programming use by architects and engineers,creating their own unique tools.The goal is to emulate and understand the phenomenon of Building Information Modeling(BIM)software customization by developing plug-ins that can explore the human-environment relationship.Demonstrate the process for building a plugin that seeks to equalize the theory of accessibility technical standards,visually impaired and architects.Use Design Science Research methodologies to guide the construction of artifacts for specific practical problems and the Collaborative Design/Co-design to understand and know the users’expertise.It is argued that the low quality of projects that include elements for the orientation of the visually impaired in Brazil is often related to an unstructured methodology in which important aspects such as the real needs of this group and the human-environment relationship are neglected.
文摘This paper reports the developed mobile application through the use of advanced technologies such as mobile computing, cloud computing and Global Positioning System (GPS) in order to solve the challenges. The purpose of this study is to find out how the recent advances and mass adoption of ICT by the public can best be leveraged to enhance the performance of Civil Society Organizations (CSOs) in East Africa. The data collection techniques used are through questionnaires, observations and conducting interviews with different stakeholders in the civil society arena i.e., the donors, the CSOs and the people in society that are given a voice by civil societies. In the system development phase, agile development methodology was used. Analysis of the data collected showed that there is a gap in the availability of a single or a centralized platform which can be easily accessed, user-friendly and reliable where different actors can readily get reliable and up-to-date information about the available CSOs they are interested in. To address this problem, an interactive online directory of CSOs has been developed. The platform is mobile based and enables CSOs to register and fill up their current details, thus ensuring that there is always correct and updated information. The platform is equipped with, among other features, a geo-mapping facility which enables users of the system to correctly geo-locate their civil societies of interest on a map view. The results of system evaluation showed that 88.125% of users were satisfied with the system basing on the evaluation criteria.
文摘Saudi Arabian banks are deeply concerned about how to effectively monitor and control security threats. In recent years, the country has taken several steps towards restructuring its organizational security and, consequently, protecting financial institutions and their clients. However, there are still several challenges left to be addressed. Accordingly, this article aims to address this problem by proposing an abstract framework based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework and International Organization for Standardization/International Electrotechnical Commission (ISO/IEC 27001). The framework proposed in this paper considers the following factors involved in the security policy of Saudi banks: safety, Saudi information bank, operations and security of Saudi banks, Saudi banks’ supplier relationships, risk assessment, risk mitigation, monitoring and detection, incident response, Saudi banks’ business continuity, compliance, education, and awareness about all factors contributing to the framework implementation. This way, the proposed framework provides a comprehensive, unified approach to managing bank security threats. Not only does the proposed framework provide effective guidance on how to identify, assess, and mitigate security threats, but it also instructs how to develop policy and procedure documents relating to security issues.
文摘Security risk assessment refers to the process of identifying, analyzing, and evaluating potential security risks for an organization. An organization’s assets, personnel, and operations are protected through it as part of a comprehensive security program. Various security assessments models have been published in the literature to protect the Saudi organization’s assets, personnel, and operations. However, these models are redundant and were developed for specific purposes. Hence, the comprehensive security risk assessment model used to safeguard Saudi organizations’ assets, personnel, and operations is still omitted. Using a design science methodology, the objective of this study is to develop a comprehensive security risk assessment model called CSRAM to assess security risks in Saudi Arabian organizations based on the International Organization for Standardization and the International Electrotechnical Commission/Information security risk management (ISO/IEC 27005 ISRM) standard. CSRAM is made up of six stages: threat identification, vulnerability assessment, risk analysis, risk evaluation, risk treatment, and monitoring and review of the risk. The stages have many activities and tasks that need to be accomplished at each stage. Based on the results of the validation of the completeness of the CSRAM, we can say that the CSRAM covers the whole ISO/IEC 27005 ISRM standard, and it is complete.
