Journal of Convergence for Information Technology (융합정보논문지)

Convergence Society for SMB (중소기업융합학회)
권호 표지
DOI QR코드

DOI QR Code

A Resilience-based Model for Performance Evaluation of Information Systems

복원탄력성기반 정보시스템 성과평가모델 연구

  • Kim, Kyung-Ihl (Department of Convergence Management, Korea National University of Transportation) ;
  • Lee, Seong-Hyo (Division of General Education, MyongJi University)
  • 김경일 (한국교통대학교 융합경영학과) ;
  • 이성효 (명지대학교 자연교양학부)
  • Received : 2020.02.03
  • Accepted : 2020.03.20
  • Published : 2020.03.28
Download PDF
⟨ Previous Next ⟩

Abstract

Information System is influenced by the innovation of new IT. Therefore, IS should response to external environment's changes quickly. Particularly, resilience should be considered in barriers of IS. This study suggests a new information system evaluation model in which resilience is added to the existing factors of Delone and Mclean. Then the effect of resilience is evaluated through the DEA(Data Envelopment Analysis) based on a survey targeting 115 users of a mid-sized manufacturing company. The results show that the effect of resilience is stronger than any other factors in the previous researches. We, thus, suggest that the resilience should be included as an evaluation factor of the ISO27001 information security standard in order to enhance the absorptive capacity of the information system.

정보시스템은 새로운 기술의 변혁에 영향을 받는다. 따라서 정보시스템은 외부환경 변화에 신속하게 대응하여야 하며, 특히 정보시스템 장애발생시 그 복원능력이 중요시되어야 한다. 본 연구에서는 Delone과 McLean의 성공요인에 복원탄력성을 추가한 정보시스템 평가모형을 제안하였다. 또한 국내 중견제조업체의 115 사용자 들을 대상으로 한 설문조사를 바탕으로 한 자료포락분석으로 복원탄력성의 영향을 평가하였다. 연구방법으로 채택한 자료포락분석 모형은 금융권에서 주로 적용하는 Charnes 등의 모형을 적용하여 노드생성 중단값 5%에서 민감도분석에 의해 순위화된 인자들을 찾아 다른 인자들에 미치는 영향도를 탐색하였다. 분석결과, 복원탄력성에 대한 영향력은 이전의 연구에서 적용했던 다른 요인들보다 강한 영향을 미치는 것으로 나타났다. 복원탄력성을 ISO27001 정보보호규격의 평가요인으로 포함하여 정보시스템의 흡수역량을 강화하여야 할 것이다.

Keywords

References

  1. G. Muller, T. G. Koslowski & R. Accorsi. (2013). Resilience - A New Rsearch Field in Business Information Systems?, Proceedings of the 16th International Conference on Business Information Systems, Poznan, Poland, June 19-21.
  2. M. Jouini, L. B. A. Rabai & A. B. Aissa. (2014). Classification of Security Threats in Information Systems, Procedia Computer Science 32, 489-496. DOI : 10.1016/j.procs.2014.05.452.
  3. N. Feng, H. J. Wang & M. Li. (2014). A Security Risk Analysis Model for Information Systems: Causal Relationships of Risk Factors and Vulnerability Propagation Analysis. Information Science, 256, 57-73. DOI : 10.1016/j.ins.2013.02.036.
  4. D. W. David, N. Leveson & E. Hoolnagel. (2012). Resilience Engineering : Concepts and Percepts, Farnham : Ashgate.
  5. D. Denyer, E. Kutsch, E. L. Lee-Kelley & M. Hall. (2011). Exploring Reliability inn Information Systems Programmes. International Journal of Project Management, 29(4), 442-454. DOI : 10.1016/j.ijproman.2011.02.002.
  6. W. H. DeLone & E. R. McLean. (1992). Information Systems Success: The Quest for the Dependent Variable. Information System Research, 3(1), 60-95. DOI : 10.1287/isre.3.1.60.
  7. J. C. Shin & K. I. Kim. (2016). A Study of the success factors in the Enterprise Information Systems introduced. Journal of Convergence Society for SMB, 6(4), 1-8. DOI : 10.22156/CS4SMB.2016.6.4.001.
  8. L. Willcocks & H. Margetts. (1994). Risk Assessment and Information Systems. European Journal of Information Systems, 3, 127-138. DOI : 10.1056/175170802242893.
  9. M. Gelderman. (1998). The Relation between Usr satisfaction, Usage of Information Systems and Performance. Information & Management, 34(1), 11-18. DOI : 10.1016/50378-7206(98)00044-5.
  10. W. Skok, A. Kophamel & I. Richardson. (2001). Diagnosing Information Systems Success : Importance-Performance Maps in the Health Club Industry. Information & Management, 38(7), 409-419. DOI : 10.1016/S0378-7206(00)00076-8.
  11. K. I. Kim (2018), Difference Between Client's and Supplier's receptions of IT Outsourcing Risks. Journal of Convergence for Information Technology, 8(5), 237-242. DOI : 10.22156/CS4SMB.2018.8.5.237.
  12. I. Park, R. Sharman, H. R. Rao & S. Upadhyaya. (2009). On the Two Factors Affecting Information Systems Success in the Extreme Event Context, 8th Workshop on E- Business, WEB, Phoenix, AZ, USA, Dec.15.
  13. J. Y. Thong & C. S. Yap. (2000). Information Systems and Occupational Stress: A Theoritical Framework. Omega, 28(6), 681-692. DOI : 10.1016/S0305-0483(00)00020-7.
  14. L. Riolli & V. Savicki. (2003). Information System Organizational Resilience. Omega, 31(3), 227-233. DOI : 10.1016/S0305-0483(03)00023-9.
  15. K. I. Kim. (2017). Impact on AIS Process and Firm Performance of Accounting Information System Based in Dynamic Capabilities Framework. Journal of Convergence for Information Technology, 7(5), 169-175. DOI : 10.22156/CS4SMB.2017.7.5.169.
  16. B. Hsiao, L shu & F. Chiu. (2019). Assessing the efficieny the accounting industry using multiactivity net DEA: evidence from Taiwan. Inernational Transaction in Operation, 26(6), 2362-2386. DOI : 10.1111/itor.12416.
  17. W. Peter, K. A. Abul, A. & J. Antunes. (2019). A dynamic network DEA model for accounting and financial indicators : A Case of efficience in MENA banking. Internaional Review of Economics & Finance, 61(4), 52-68. DOI : 10.1016/j.ref.2019.01.004.
  18. J. H. Choi, W. J. Kim & J. S. Lim. (2019). A Study on Maturity Model for the Assessment of Cyber Resilence Level in the Defence Information System. Journal of The Korea Institute of Information Security & Cryptology, 29(5), 1153-1165. DOI : 10.13089/JKIISC.2019.29.5.1153.