University of Worcester Worcester Research and Publications
 
  USER PANEL:
  ABOUT THE COLLECTION:
  CONTACT DETAILS:

Balancing Risk Appetite and Risk Attitude in Requirements: a Framework for User Liberation

Dresner, D. and Garfield, Joy (2014) Balancing Risk Appetite and Risk Attitude in Requirements: a Framework for User Liberation. In: UK Academy for Information Systems (UKAIS 2014), 7 – 9 April 2014, St Catherine’s College, University of Oxford, Oxford.

[img]
Preview
Text
Conference Paper - Balancing risk appetite and risk attitude.pdf - Presentation

Download (738kB) | Preview

Abstract

The tendency to throw controls at perceived and real system vulnerabilities, coupled with the likelihood of these controls being technical in nature, has the propensity to favour security over usability. However there is little evidence of increased assurance and it could encourage work stoppages or deviations that keep honest users from engaging with the system. The conflicting balance of trust and controls, and the challenge of turning that balance into clear requirements, creates an environment that alienates users and feeds the paranoia of actors who assume more ownership of the system than necessary. Security therefore becomes an inhibitor rather than an enabler for the community. This paper looks at measuring the balance of an organisation’s or a community’s risk appetite with the risk attitudes of its members in the early stages of IS development. It suggests how the dials of assurance can be influenced by the levers of good systems practice to create a cultural shift to trusting the users.

Item Type: Conference or Workshop Item (Paper)
Uncontrolled Keywords: security, risk, requirements, trust, non-functional
Subjects: T Technology > T Technology (General)
Divisions: Academic Departments > Worcester Business School
Depositing User: Joy Garfield
Date Deposited: 04 Jul 2014 09:23
Last Modified: 20 May 2016 14:42
URI: https://eprints.worc.ac.uk/id/eprint/3191

Actions (login required)

View Item View Item
 
     
Worcester Research and Publications is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.