Repository logo
 

Search Results

Now showing 1 - 10 of 12
  • Towards a comprehensive framework for the multidisciplinary evaluation of organizational maturity on business continuity program management: a systematic literature review
    Publication . Russo, Nelson; Reis, Leonilde; Silveira, Clara; São Mamede, Henrique
    Organizational dependency on Information and Communication Technology (ICT) drives the preparedness challenge to cope with business process disruptions. Business Continuity Management (BCM) encompasses effective planning to enable business functions to resume to an acceptable state of operation within a defined timeframe. This paper presents a systematic literature review that communicates the strategic guidelines to streamline the organizational processes in the BCM program, culminating in the Business Continuity Plan design, according to the organization’s maturity. The systematic literature review methodology follows the Evidence- Based Software Engineering protocol assisted by the Parsifal tool, using the EbscoHost, ScienceDirect, and Scopus databases, ranging from 2000 to February 2021. International Standards and Frameworks guide the BCM program implementation, however, there is a gap in communicating metrics and what needs to be measured in the BCM program. The major paper result is the confirmation of the identified gap, through the analysis of the studies that, according to the BCM components, report strategic guidelines to streamline the BCM program. The analysis quantifies and discusses the contribution of the studies on each BCM component to design a framework supported by metrics, that allows assessing the organization’s preparedness in each BCM component, focusing on Information Systems and ICT strategies.
  • Creativity in prototypes design: the case of social organizations
    Publication . Silveira, Clara; Santos, Vitor; Reis, Leonilde; São Mamede, Henrique
    The role of creativity techniques in the design of prototypes is of particular interest given its potential for innovation. At same time, despite the efforts of decades in terms of policies and programs of action, humanity has not yet come close to global sustainability. Sustainability design must involve society and creatively employ all available knowledge sources for creating sustainable software. This paper proposes a prototype design approach rooted in employing creativity techniques, while being guided by the dimensions and principles of the Karlskrona Manifesto. This approach is applied to the development of a multidisciplinary aggregator for the optimization of social services. As a result. guidelines for the use of creativity in requirements engineering will be presented, as well as on how to include sustainability issues, namely the Sustainable Development Goals and the five dimensions of sustainability in the design of prototypes.
  • Um modelo para utilização de social learning no ensino superior
    Publication . Santos, Vitor; Reis, Leonilde; Silveira, Claúdia
    Numa altura em que as redes sociais conquistaram o seu espaço no quotidiano da nossa sociedade, não podemos ignorar as suas potencialidades no que respeita à aprendizagem colaborativa. Acompanhar a aceitação pelos cibernautas destes novos espaços de comunicação, como é exe mplo o Facebook, e perceber se estes utilizadores estarão, também,motivados a participar e tirar proveito destas plataformas, enquanto facilitadoras da sua aprendizagem parece ser uma questão relevante[5]. Na presente proposta, e com este enquadramento, introduz-se o conceito de social learning (s-learning) fortemente baseado na proposta conectivista de George Siemens [6] e propõe-se um formato concreto para sua implementação no ensino superior.
  • Common techniques, success attack factors and obstacles to social engineering: a systematic literature review
    Publication . Lopes, António; São Mamede, Henrique; Reis, Leonilde; Santos, Arnaldo
    Knowledge of Social Engineering is crucial to prevent potential attacks related to organizational Information Security. The objective of this paper aims to identify the most common social engineering techniques, success attack factors, and obstacles, as well as the good practices and frameworks that could be adopted concerning their mitigation. As an analysis methodology, a Systematic Literature Review was carried out. The findings revealed that the discussion about SE attacks has increased and that the most imminent threat is phishing. Exploiting human vulnerabilities is a growing threat when the attack is not carried out directly through technical means. There continue to be more technical attacks than non-technical attacks. Encouraging organizational security prevention, like training, education, technical controls, process development, defense in detail, and the development of security policies, should be considered mitigating factors for the negative impact of SE attacks. Most SE frameworks/models are focused on attack techniques and methods, mostly on technical components, decorating human factor. As a novelty, we found the opportunity to develop a new framework that could improve coverage of the gaps found, supported on security international standards, that could help and support researchers in developing their work, understanding open research topics, and providing a clearer understanding of this type of threat.
  • Caracterização da faturação em Portugal: sob a perspetiva da certificação de programas informáticos de faturação
    Publication . Russo, Nelson; Reis, Leonilde
    Recentemente, a indústria de desenvolvimento de programas informáticos de faturação foi incentivada a incluir novas valências veiculadas por alterações legislativas fiscais. Neste sentido, foi efetuado o enquadramento fiscal, a caracterização das empresas e da faturação em Portugal, por meio de programa informático de faturação certificado. O valor acrescentado, centrou-se na análise das condicionantes implícitas ao processo de certificação, pela Autoridade Tributária e Aduaneira, no sentido de otimizar a perceção que as organizações têm deste processo. Considera-se assim, que estão criadas condições que potenciam a otimização do processo de certificação, no sentido de contribuir para o aumento do número de programas certificados.
  • Serviços em cloud na ótica de utilização empresarial
    Publication . Marchão, Joaquina; Reis, Leonilde
    O conceito de Cloud Computing tem sido amplamente discutido sendo uma vertente desta abordagem a redução dos custos. São diversos os prestadores de serviços de Cloud existentes no mercado e diversificados os modelos de serviços que estes disponibilizam através da internet. É objetivo deste artigo apresentar uma breve caracterização do estado da arte no que se refere a esta temática bem como suportar o seu conteúdo num estudo efetuado numa Organização de média dimensão. Foram abordadas duas perspectivas nesse estudo: utilização de serviços de gestão e arquivo do correio eletrónico em infraestrutura do fornecedor (Public Cloud), e virtualização de ambiente de trabalho desktop, em servidores de data-center interno (Private Cloud). Foi possível concluir que cada fornecedor adequa os modelos de negócio à sua especialidade, originando um mercado heterogéneo e de difícil análise comparativa dos serviços disponibilizados. Considera-se que será premente a conceção de protótipos que avaliem em contexto organizacional a viabilidade das soluções a implementar.
  • Framework for designing business continuity: multidisciplinary evaluation of organizational maturity
    Publication . Russo, Nelson; Reis, Leonilde; Silveira, Clara; São Mamede, Henrique
    In a competitive business environment, strongly supported on Information and Communication Technologies (ICT), organizations increasingly need to be prepared to cope with disruptions in their activity and business processes. Business Continuity Management (BCM) encompasses effective planning for the relaunch of business processes in the short term, through the implementation of a Business Continuity Plan (BCP), which constitutes a decisive management factor for the continuity of value creation or guarantee of delivery of goods or services, to safeguard the business survival. This work addresses this issue, supported by a preliminary literature review oriented to identify and relate the common basis of components and activities of the BCM in the normative references, models and libraries of good practices, in order to explore the identification of its gaps in driving an achievable instrument to all organization sizes, considering each component of the BCM, allowing to assess the stage of preparedness, implementation and appraisal of the essential elements, with greater focus on ICT systems, that guide the BCM and the design of a BCP tailored to an organization.
  • FAMMOCN – Demonstration and evaluation of a framework for the multidisciplinary assessment of organisational maturity on business continuity
    Publication . Russo, Nelson; São Mamede, Henrique; Reis, Leonilde; Silveira, Clara
    Business Continuity Management (BCM) encompasses effective planning to respond to business interruptions and relaunch business in the short term. This study follows the Design Science Research methodology and proposes a framework to systematise Business Continuity Management and streamline the Business Continuity Plan (BCP) design and implementation. The framework defines metrics providing strategical guidance and assessment of the Business Continuity Management initiatives. The framework provides a Business Continuity Management Model, an Implementation Guide, a Self-Assessment System, and a Measurement System. The model was developed based on a systematic literature review and guidelines from Business Continuity Management frameworks and standards. In the first iteration, we demonstrated and evaluated the framework through a Focus Group with experts in Business Continuity Management. In the second iteration, it was used and evaluated by professionals with responsibilities in Business Continuity Plan implementation, representing various business sectors. As a result, the framework is useful and complete, effective and enhances governance and is scalable and adaptable to organisations. This study concludes that the framework adds value to Business Continuity Management monitoring, gaps identification, and practitioner's guidance on what needs to be planned, done, checked and acted to manage continuity.
  • Methodology for introducing creativity in requirements engineering
    Publication . Santos, Vitor; São Mamede, Henrique; Silveira, Clara; Reis, Leonilde
    The increase of global competitiveness, the ability of organizations to effectively use information technologies, and to focus on innovation and creativity are recognized as being important. In this context, the hypothesis of resorting to known creativity techniques or adaptations to help innovation in the field of Software Engineering appears to be challenging. This paper proposes a methodology for introducing creativity and innovation techniques in the Requirements Engineering process in order to build more agile and efficient Information Systems. The method uses a variety of creative techniques that are thought to be appropriate to the different stages of the process and is inspired by existing creative problem-solving methods and techniques, in particular in the Creative Problem-Solving Process, Productive Thinking Model and the Creative Potentiation Method. The study of the method allowed its application, through the use of various creativity techniques, in a real context in a social institution - the Social Center for Support to the Community of S ão Domingos. The application of the methodology allowed the identification of new opportunities that allowed the organization to devise service delivery strategies that were more suited to the needs of people.
  • Information security threat assessment using social engineering in the organizational context: literature review
    Publication . Lopes, António; Reis, Leonilde; São Mamede, Henrique; Santos, Arnaldo
    Currently, due to the value and diversity of data that organizations use and produce in their activity, it is extremely important to protect this asset. Security flaws can arise due to several factors and whenever it is difficult to gain access to the desired information, because of technological barriers. In this case, attacks are redirected to the exploitation of human beings vulnerabilities, through various techniques. The objective of this work focuses on literature review, studying the underlying theme of Social Engineering, as it uses human trust, convincing someone of something fake, using various interactions and different vectors to gain access to private information. The research work will be supported by Design Science Research, due to the possibility of construction, evaluation, and subsequent validation of the artifact. The contribute of a framework proposal for preventing social engineering attacks in organizations and provide the best recommendations, guiding, and supporting the stakeholders in the selection and definition of controls that guarantee the security of organizational information and avoid possible attacks by Social Engineering. It is expected that the practical ef-fects of the future work will result in a reduction in the number of attacks using Social Engineering, greater individual and collective preparation to deal with this problem and, over time, the incentive to continued expansion of the adoption of these artifacts at the organizational level.