Worcester Research and Publications

SEARCH EPRINTS:

USER PANEL:

ABOUT THE COLLECTION:

WRaP is a collection of research papers and university publications. It presents the academic and creative work of the university. You are welcome to look for and obtain items of interest and make contact with the authors and creators.

CONTACT DETAILS:

All correspondence about WRaP should be sent to the Repository Manager.

Balancing Risk Appetite and Risk Attitude in Requirements: a Framework for User Liberation

Tools

Dresner, D. and Garfield, Joy (2014) Balancing Risk Appetite and Risk Attitude in Requirements: a Framework for User Liberation. UK Academy for Information Systems Conference Proceedings 2014, 10.

Preview

Text (Full-length published conference presentation)
Conference Paper - Balancing risk appetite and risk attitude.pdf - Published Version
Download (738kB) | Preview

Official URL: https://aisel.aisnet.org/ukais2014/10/

Abstract

The tendency to throw controls at perceived and real system vulnerabilities, coupled with the likelihood of these controls being technical in nature, has the propensity to favour security over usability. However there is little evidence of increased assurance and it could encourage work stoppages or deviations that keep honest users from engaging with the system. The conflicting balance of trust and controls, and the challenge of turning that balance into clear requirements, creates an environment that alienates users and feeds the paranoia of actors who assume more ownership of the system than necessary. Security therefore becomes an inhibitor rather than an enabler for the community. This paper looks at measuring the balance of an organisation’s or a community’s risk appetite with the risk attitudes of its members in the early stages of IS development. It suggests how the dials of assurance can be influenced by the levers of good systems practice to create a cultural shift to trusting the users.

Item Type:	Article
Additional Information:	The full-text cannot be supplied for this item. Please check availability with your local library or Interlibrary Requests Service.
Uncontrolled Discrete Keywords:	security, risk, requirements, trust, non-functional
Subjects:	T Technology > T Technology (General)
Divisions:	College of Business, Psychology and Sport > Worcester Business School
Related URLs:	https://www.ukais.org/
Depositing User:	Joy Garfield
Date Deposited:	04 Jul 2014 09:23
Last Modified:	02 Oct 2020 10:02
URI:	https://eprints.worc.ac.uk/id/eprint/3191

Actions (login required)

View Item

CORE (COnnecting REpositories)

© University of Worcester Henwick Grove, WR2 6AJ Tel: 01905 855000 | Materials in WRaP are protected by copyright and other intellectual property rights. By using WRaP you agree to abide by UK copyright laws.

Worcester Research and Publications is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.