• International Journal of Contents
• /
• 제13권1호
• /
• pp.22-30
• /
• 2017

The diffusion of advanced mobile technology has introduced new types of personal information or 'location data'. These new data mean new opportunities for businesses, such as location-based services (LBS), but have resulted in new consumer anxieties regarding disclosure of personal information. This study examines the effects of the consumers' perceived control over "time-andplace" information in location-aware services on their perceived privacy risk. A total of 270 respondents participated in this study. Conditions of perceived privacy control were operationalized over time-and-place information, in a $2{\times}2$ factorial design. Results indicate that the perceived control over time-and-place personal information is a significant predictor of perceived risk, and control assurances over time-and-place information enhances the perception of control, thus alleviating the perceived risk. In addition, the effect is much more significant when time and place were combined.

• 한국수자원학회:학술대회논문집
• /
• 한국수자원학회 2012년도 학술발표회
• /
• pp.467-467
• /
• 2012

As the features of recent flood are spatially concentrated, loss of life and property increase by the impact of climate change. In addition to this the public interest in water control information is increased and socially reasonable justification of water control policy is needed. It is necessary to estimate the flood risk in order to let people know the status of flood control and establish flood control policy. For accurate flood risk analysis, we should consider inter-relation between causal factors of flood damage. Hence, flood risk analysis should be applied to interdependence of the factors selected. The Bayesian networks are ideally suited to assist decision-making in situations where there is uncertainty in the data and where the variables are highly interlinked. In this research, to provide more proper water control information the flood risk analysis is performed using the Bayesian networks to handle uncertainty and dependency among 13 specific proxy variables.

• 한국컴퓨터정보학회논문지
• /
• 제24권11호
• /
• pp.99-107
• /
• 2019

사이버 보안을 위한 활동인 '위험관리(Risk management)'와 '보안관제(security monitoring)' 업무는 미래에 발생할 보안 위협에 대비하고 보안 사고를 최소화 하는 활동이라는 점에서 깊은 상관관계를 가지고 있다. 또한 위험관리와 보안관제 분야 모두 관리자에게 시각적으로 그 정보자산에 대한 위협을 보여주는 패턴 모델을 적용하는 것이 효과적이다. 검증받은 패턴모델로는 전통적인 품질관리 분야에서 오랫동안 사용되어온 '관리도'(control chart)모델이 존재하지만 정보시스템의 사이버 위험관리와 보안관제에서의 활용은 부족하다. 이에 본 논문에서는 위험관리와 보안관제 시스템을 통합한 사이버 SRM(Security Risk Monitoring)시스템을 설계하였다. SRM은 '관리도'의 패턴을 이용한 '보안대책' (security control)의 적용 전략을 제시한다. 보안대책은 기존의 표준화된 보안대책 집합인 ISMS, NIST SP 800-53, CC를 통합적으로 적용하였다. 이를 활용하여 2014~2018년 까지 4년간 우리나라사이버위기 경보동향을 분석하였고 이는 향후 보다 유연한 보안대책 수립을 가능하게 한다.

• 한국학교보건학회지
• /
• 제29권3호
• /
• pp.256-266
• /
• 2016

Purpose: This study was to compare and to examine the factors related to risk behaviors of adolescents living in small and medium-sized cities and in rural areas. Methods: The subjects were 545 adolescents (295 from small and medium-sized cities and 250 from rural areas). The data was analyzed by descriptive statistics, Pearson corelation coefficients, and multiple regression with IBM SPSS 19.0 program. Results: The factors influencing the risk behaviors of adolescents in small- medium cities were school, peer risk factors and community risk factors, self- control among protective factors, positive communication with parents, positive peer associations, these variables explained 42.0%. The most important variable explaining the risk behaviors of adolescents in small- medium cities was positive communication with parents, followed by community risk factors, peer risk factors, positive peer relationships, school and self-control. The factors affecting the risk behaviors of rural adolescents were school, personal risk factor, peer risk factor, self- control factor, which explained 38.5% of the risk behaviors of adolescents in rural areas. Among them, the most important variable explaining risk behaviors was personal risk factors, followed by peer risk factors, school, and self-control. Conclusion: These finding suggest a need to develop a strategy to improve positive communication with parents for adolescents living in small- medium cities and a strategy to reduce personal risk factors and peer risk factors for rural adolescents.

• Asia pacific journal of information systems
• /
• 제5권1호
• /
• pp.112-128
• /
• 1995

The information system control includes organizational structure, control mechanism, and management tools which contribute to accomplish the goals of information system: asset safeguarding, data integrity, effectiveness, and efficiency. Information system audit is the process to evaluate whether the information system accomplishs the goals. Information system auditor examine the reliability of information system control and suggest recommendations to improve the information system control. Both information system control and information system audit activities contribute to prevent and detect the computer crime for the organization. This paper proposes a causal model of information system control/audit and the perceived risk of computer crime, and tests the model using a survey on 38 financial institutions in Korea. Statistical results show that information system control and audit significantly reduce the computer crime risk perceived by the user group. The general control has a stronger impact than the application control. In addition, it turns out that the greater the deviation between the importance and the actual level of information system control is, the higher the perceived risk of computer crime is.

• 산경연구논집
• /
• 제10권12호
• /
• pp.35-42
• /
• 2019

Purpose : This study examines The impact of human resource investment in internal control on stock price crash risk. Effective internal control ensures that information provided is complete and accurate, financial statements are reliable. By overseeing management, internal control systems can reduce agency costs between management and outside parties. In Korea, firms have to disclose information about internal control systems. The working experience of human resources in internal control systems is also provided for interested parties. If a firm hires more experienced internal control personnel, it can better facilitate the disclosure of information. Prior studies reported that information asymmetry between managers and investors increases future stock price crash risk. Therefore, the longer working experience internal control personnel have, the lower probability stock crashes have. Research design, data and methodology : This study analyzed the association between the working experience of internal control personnel and crash risk using regression analysis on KOSPI listed companies for fiscal years 2016 through 2017. The sample consists of 1,034 firm-years of non-financial firms whose fiscal year end on December 31. Career spanning data of internal control personnel was collected from internal control reports. The professionalism(IC_EXP) was measured as the logarithm of the average working experience of internal control personnel in months. Negative conditional skewness(NSKEW) and down-to-up volatility (DUVOL) are used to measure firm-specific crash risk. Both measures are based on firm-specific weekly returns derived from the expanded market model. Results : We find that work experience in internal control environment is negatively related to stock price crashes. Specifically, skewness(NSKEW) and volatility (DUVOL) are reduced when firms have longer tenure of human resources in internal control division. The results imply that firms with experienced internal control personnel are less likely to experience stock price crashes. Conclusions : Stock price crashes occur when investors realize that stock prices have been inflated due to information asymmetry. There is a learning effect when internal control processes are done repetitively. Thus, firms with more experienced internal control personnel could manage their internal control more effectively. The results of this study suggest that firms could decrease information asymmetry by investing in human resources for their internal control system.

• Journal of Information Processing Systems
• /
• 제10권2호
• /
• pp.240-255
• /
• 2014

Cloud computing has increasingly been drawing attention these days. Each big company in IT hurries to get a chunk of meat that promises to be a whopping market in the future. At the same time, information is always associated with security and risk problems. Nowadays, the handling of these risks is no longer just a technology problem, with a good deal of literature focusing on risk or security management and framework in the information system. In this paper, we find the specific business meaning of the BMIS model and try to apply and leverage this model to cloud risk. Through a previous study, we select and determine the causal risk factors in cloud service, which are also known as CSFs (Critical Success Factors) in information management. Subsequently, we distribute all selected CSFs into the BMIS model by mapping with ten principles in cloud risk. Finally, by using the leverage points, we try to leverage the model factors and aim to make a resource-optimized, dynamic, general risk control business model for cloud service providers.

• 한국정보시스템학회지:정보시스템연구
• /
• 제28권2호
• /
• pp.129-152
• /
• 2019

Purpose The purpose of this study is to empirically identify the risky behavior of mobile device users using the Internet of Things on a situational perspective. Design/methodology/approach This study made a design of the research model based on model of the determinants of risk behavior. Data were collected through a survey including hypothetical scenario. SmartPLS 2.0 was used for the structural model analysis and t-test was conducted to compare the between normal and situational behavior. Findings The results were as follows. First, the central roles of risk propriety and risk perception were verified empirically. Second, we identified the role of locus of control as a new factor of impact on risky behavior. Third, mobile risk propensity has been shown to increase risk perception. Fouth, it has been shown that risk perception does not directly affect risky behavior and reduce the relationship between mobile risk propensity and risk behavior. According to the empirical analysis result, Determinants of risk behavior for mobile users were identified based on a theoretical framework. And it raised the need to pay attention to the impact of locus of control on risk behavior in the IS security field. It provided direction to the approach to risky behavior of mobile device users. In addition, this study confirmed that there was a possibility of taking risky behavior in the actual decision-making.

• 대한토목학회논문집
• /
• 제32권4D호
• /
• pp.313-322
• /
• 2012

본 연구는 택시운수업 종사자의 위험성향을 위험감행행동과 교통 통제소재의 측면에서 분석하였다. 위험감행행동 측면의 분석을 위해 운전자의 위험감행성향의 위험감행행동에 대한 예측모형을 제시하였다. 이를 통해 운전자의 위험감행성향은 위험감행행동에 유의미한 영향을 주고 있음을 알 수 있었으며, 지각운전능력이 높고 준법의식이 결여될수록 위반행동을 많이 하는 것으로 나타났다. 둘째, 교통 통제소재(외적통제형, 내적통제형)에 따라 위험감행 수준의 차이가 있는지 다변량 분석을 통해 알아보았다. 외적통제형(External Control) 운전자의 경우 위험감행수준이 높고 내적통재형(Internal Control)의 경우 위험감행수준이 낮게 분석되어 사고책임을 귀인(歸因)하는 태도에 따라 위험감행성향에 차이가 있는 것을 볼 수 있었다. 본 연구에서 구조방정식 모형을 통해 구축한 위험감행성향과 관련된 위험감행 예측모형에서 ${\chi}^2$값은 279.7, ${\chi}^2$/df=1.55, RMSEA=.44, GFI=.911, TLI=.916, CFI=.929로 적합한 부합도를 보이고 있다.

• Safety and Health at Work
• /
• 제2권4호
• /
• pp.375-379
• /
• 2011

Control Banding (CB) strategies to prevent work-related illness and injury for 2.5 billion workers without access to health and safety professionals has grown exponentially this last decade. CB originates from the pharmaceutical industry to control active pharmaceutical ingredients without a complete toxicological basis and therefore no occupational exposure limits. CB applications have broadened into chemicals in general - including new emerging risks like nanomaterials and recently into ergonomics and injury prevention. CB is an action-oriented qualitative risk assessment strategy offering solutions and control measures to users through "toolkits". Chemical CB toolkits are user-friendly approaches used to achieve workplace controls in the absence of firm toxicological and quantitative exposure information. The model (technical) validation of these toolkits is well described, however firm operational analyses (implementation aspects) are lacking. Consequentially, it is often not known if toolkit use leads to successful interventions at individual workplaces. This might lead to virtual safe workplaces without knowing if workers are truly protected. Upcoming international strategies from the World Health Organization Collaborating Centers request assistance in developing and evaluating action-oriented procedures for workplace risk assessment and control. It is expected that to fulfill this strategy's goals, CB approaches will continue its important growth in protecting workers.