This paper presents an approach based on network theory to deal with risk interactions in large engineering projects. Indeed, such projects are exposed to numerous and interdependent risks of various nature, which makes their management more difficult. In this paper, a topological analysis based on network theory is presented, which aims at identifying key elements in the structure of interrela...

It is essential for corporate social responsibility that staff can trust its leaders. This paper argues that trust in leaders depends on the relationship between the leader’s values, words and actions. If they are in line, employees can trust the leader. If they are not, distrust prevails. Five alternative relationships between values, words and actions can be identified: (1) values = words = a...

In this century, information, along with other factors of production, is a valuable and vital component of the organizations. With increasing technology advances, organizations have realized the undeniable benefits of Information Technology (IT) to increase the quality, accuracy and speed of affairs and most managers have become aware of the importance of its use in increasing efficiency and ef...

Security risk analysis should be conducted regularly to maintain an acceptable level of security. In principle, all risks that are unacceptable according to the predefined criteria should be mitigated. However, risk mitigation comes at a cost, and only the countermeasures that cost-efficiently mitigate risks should be implemented. This paper presents an approach to integrate the countermeasure ...

There are numerous forecast models of software development costs, however, various problems become apparent in context to practical application. Standardized methods, such as COCOMO II have to be calibrated at an individual operational level on the basis of the underlying database. This paper presents a new activity based approach that is based on business specific cost data that can be easily ...

The importance of information as a resource and competitive factor in today’s society and economy is constantly rising. As a consequence, it becomes necessary for organizations to manage the risks that arise from poor information quality (IQ) in the same way other operational and strategic risks are managed. Information is, however, an unique and intangible resource that requires special method...

We discuss a simple model of disk backups and other maintenance processes that include change to computer data. We determine optimal strategies for scheduling such processes. A maximum entropy model of random change provides a simple and intuitive guide to the process of sector based disk change and leads to an easily computable optimum time for backup that is robust to changes in the model. We...

We are already into the fall season with winter rapidly approaching. As always, we have many changes to report at the Diagnostic Laboratory. We ended our 1998-1999 fiscal year with a 23 percent increase in accessions compared to the previous year. We are constantly working on improving our diagnostic testing ability, frequently by using molecular techniques. Some of these new advances are detai...

Operator error has been blamed for many accidents and incidents in safety-critical systems. It is important that humanmachine interface (HMI) designers are aware of the relationships between their design decisions, operator errors, and the hazards associated with a system. In this paper, we demonstrate how information from risk analysis can be combined with formal specification of the HMI, to s...

Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in existing formalisms, such properties are considered independent. For example, investing more in ...