Security evaluation and management has become increasingly important for Web-based information technology(IT)systems,especially for educational institutions.For the security evaluation and management of IT systems in ...Security evaluation and management has become increasingly important for Web-based information technology(IT)systems,especially for educational institutions.For the security evaluation and management of IT systems in educational institutions,determining the security level for a single IT system has been well developed.However,it is still dificult to evaluate the information security level of the entire educational institution consid-ering multiple IT systems,because there might be too many different IT systems in one institution,educational institutions can be very different,and there is no standard model or method to provide a just ifable information security evaluation among different educational inst itutions considering their differences.In light of these difi-culties,a security evaluation model of educational institutions'IT systems(SEMEIS)is proposed in this work to facilitate the information security management for the educat ional institutions.Firstly,a simplified educational industry information system security level protection rating(EIISSLPR)with a new weight redistribution strategy for a single IT systern is proposed by choosing important evaluation questions from EIISSLPR and redistributing the weights of these questions.Then for the entire educational institution,analytic hierarchy process(AHP)is used to redistribute the weights of multiple IT systems at different security levels.considering the risk of pos-sible network security vulnerabilities,a risk index is forulated by weighting different factors,normalized by a utility function,and calculated with the real data collected from the institutions under the evaluation.Finally,the information security performance of educational institutions is obtained as the final score from SEMEIS.The results show that SEMEIS can evaluate the security level of the educat ion institutions practically and provide an efficient and effective management tool for the information security management.展开更多
Information technology(IT)developments of large magnitude organize as collections of multiple projects into a single program,especially under dynamic conditions of market uncertainty that frequently change requirement...Information technology(IT)developments of large magnitude organize as collections of multiple projects into a single program,especially under dynamic conditions of market uncertainty that frequently change requirements or solutions midstream.Successful completion of an IT development program requires that the multiple teams work effec-tively together as well as independently in response to changes by relying on the differ-entiation of talent and knowledge available to the program manager.We consider and empirically support a model derived from principles in the multi-team systems(MTS)literature to determine the influence of differentiation among the IT program in the sharing of knowledge and information.The relationship from differentiation to program success is mediated by knowledge and information sharing,showing how to manage change through the dissemination of information and knowledge.Uncertainty of the market positively moderates the relation from differentiation among projects to infor-mation sharing.These findings contribute to the literature by empirically validating that MTS frameworks are exceptionally well suited for dealing with complex environments in the context of IT development.展开更多
基金the Science and Technology Innovation Program of Shanghai Science and Technology Commit-tee(No.19511103500)。
文摘Security evaluation and management has become increasingly important for Web-based information technology(IT)systems,especially for educational institutions.For the security evaluation and management of IT systems in educational institutions,determining the security level for a single IT system has been well developed.However,it is still dificult to evaluate the information security level of the entire educational institution consid-ering multiple IT systems,because there might be too many different IT systems in one institution,educational institutions can be very different,and there is no standard model or method to provide a just ifable information security evaluation among different educational inst itutions considering their differences.In light of these difi-culties,a security evaluation model of educational institutions'IT systems(SEMEIS)is proposed in this work to facilitate the information security management for the educat ional institutions.Firstly,a simplified educational industry information system security level protection rating(EIISSLPR)with a new weight redistribution strategy for a single IT systern is proposed by choosing important evaluation questions from EIISSLPR and redistributing the weights of these questions.Then for the entire educational institution,analytic hierarchy process(AHP)is used to redistribute the weights of multiple IT systems at different security levels.considering the risk of pos-sible network security vulnerabilities,a risk index is forulated by weighting different factors,normalized by a utility function,and calculated with the real data collected from the institutions under the evaluation.Finally,the information security performance of educational institutions is obtained as the final score from SEMEIS.The results show that SEMEIS can evaluate the security level of the educat ion institutions practically and provide an efficient and effective management tool for the information security management.
文摘Information technology(IT)developments of large magnitude organize as collections of multiple projects into a single program,especially under dynamic conditions of market uncertainty that frequently change requirements or solutions midstream.Successful completion of an IT development program requires that the multiple teams work effec-tively together as well as independently in response to changes by relying on the differ-entiation of talent and knowledge available to the program manager.We consider and empirically support a model derived from principles in the multi-team systems(MTS)literature to determine the influence of differentiation among the IT program in the sharing of knowledge and information.The relationship from differentiation to program success is mediated by knowledge and information sharing,showing how to manage change through the dissemination of information and knowledge.Uncertainty of the market positively moderates the relation from differentiation among projects to infor-mation sharing.These findings contribute to the literature by empirically validating that MTS frameworks are exceptionally well suited for dealing with complex environments in the context of IT development.
