• International Journal of Contents
• /
• v.13 no.1
• /
• pp.22-30
• /
• 2017

The diffusion of advanced mobile technology has introduced new types of personal information or 'location data'. These new data mean new opportunities for businesses, such as location-based services (LBS), but have resulted in new consumer anxieties regarding disclosure of personal information. This study examines the effects of the consumers' perceived control over "time-andplace" information in location-aware services on their perceived privacy risk. A total of 270 respondents participated in this study. Conditions of perceived privacy control were operationalized over time-and-place information, in a $2{\times}2$ factorial design. Results indicate that the perceived control over time-and-place personal information is a significant predictor of perceived risk, and control assurances over time-and-place information enhances the perception of control, thus alleviating the perceived risk. In addition, the effect is much more significant when time and place were combined.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2012.05a
• /
• pp.467-467
• /
• 2012

As the features of recent flood are spatially concentrated, loss of life and property increase by the impact of climate change. In addition to this the public interest in water control information is increased and socially reasonable justification of water control policy is needed. It is necessary to estimate the flood risk in order to let people know the status of flood control and establish flood control policy. For accurate flood risk analysis, we should consider inter-relation between causal factors of flood damage. Hence, flood risk analysis should be applied to interdependence of the factors selected. The Bayesian networks are ideally suited to assist decision-making in situations where there is uncertainty in the data and where the variables are highly interlinked. In this research, to provide more proper water control information the flood risk analysis is performed using the Bayesian networks to handle uncertainty and dependency among 13 specific proxy variables.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.11
• /
• pp.99-107
• /
• 2019

The "Risk management" and "Security monitoring" activities for cyber security are deeply correlated in that they prepare for future security threats and minimize security incidents. In addition, it is effective to apply a pattern model that visually demonstrates to an administrator the threat to that information asset in both the risk management and the security system areas. Validated pattern models have long-standing "control chart" models in the traditional quality control sector, but lack the use of information systems in cyber risk management and security systems. In this paper, a cyber Security Risk Monitoring (SRM) system that integrates risk management and a security system was designed. The SRM presents a strategy for applying 'security control' using the pattern of 'control charts'. The security measures were integrated with the existing set of standardized security measures, ISMS, NIST SP 800-53 and CC. Using this information, we analyzed the warning trends of the cyber crisis in Korea for four years from 2014 to 2018 and this enables us to establish more flexible security measures in the future.

• Journal of the Korean Society of School Health
• /
• v.29 no.3
• /
• pp.256-266
• /
• 2016

Purpose: This study was to compare and to examine the factors related to risk behaviors of adolescents living in small and medium-sized cities and in rural areas. Methods: The subjects were 545 adolescents (295 from small and medium-sized cities and 250 from rural areas). The data was analyzed by descriptive statistics, Pearson corelation coefficients, and multiple regression with IBM SPSS 19.0 program. Results: The factors influencing the risk behaviors of adolescents in small- medium cities were school, peer risk factors and community risk factors, self- control among protective factors, positive communication with parents, positive peer associations, these variables explained 42.0%. The most important variable explaining the risk behaviors of adolescents in small- medium cities was positive communication with parents, followed by community risk factors, peer risk factors, positive peer relationships, school and self-control. The factors affecting the risk behaviors of rural adolescents were school, personal risk factor, peer risk factor, self- control factor, which explained 38.5% of the risk behaviors of adolescents in rural areas. Among them, the most important variable explaining risk behaviors was personal risk factors, followed by peer risk factors, school, and self-control. Conclusion: These finding suggest a need to develop a strategy to improve positive communication with parents for adolescents living in small- medium cities and a strategy to reduce personal risk factors and peer risk factors for rural adolescents.

• Asia pacific journal of information systems
• /
• v.5 no.1
• /
• pp.112-128
• /
• 1995

The information system control includes organizational structure, control mechanism, and management tools which contribute to accomplish the goals of information system: asset safeguarding, data integrity, effectiveness, and efficiency. Information system audit is the process to evaluate whether the information system accomplishs the goals. Information system auditor examine the reliability of information system control and suggest recommendations to improve the information system control. Both information system control and information system audit activities contribute to prevent and detect the computer crime for the organization. This paper proposes a causal model of information system control/audit and the perceived risk of computer crime, and tests the model using a survey on 38 financial institutions in Korea. Statistical results show that information system control and audit significantly reduce the computer crime risk perceived by the user group. The general control has a stronger impact than the application control. In addition, it turns out that the greater the deviation between the importance and the actual level of information system control is, the higher the perceived risk of computer crime is.

• The Journal of Industrial Distribution & Business
• /
• v.10 no.12
• /
• pp.35-42
• /
• 2019

Purpose : This study examines The impact of human resource investment in internal control on stock price crash risk. Effective internal control ensures that information provided is complete and accurate, financial statements are reliable. By overseeing management, internal control systems can reduce agency costs between management and outside parties. In Korea, firms have to disclose information about internal control systems. The working experience of human resources in internal control systems is also provided for interested parties. If a firm hires more experienced internal control personnel, it can better facilitate the disclosure of information. Prior studies reported that information asymmetry between managers and investors increases future stock price crash risk. Therefore, the longer working experience internal control personnel have, the lower probability stock crashes have. Research design, data and methodology : This study analyzed the association between the working experience of internal control personnel and crash risk using regression analysis on KOSPI listed companies for fiscal years 2016 through 2017. The sample consists of 1,034 firm-years of non-financial firms whose fiscal year end on December 31. Career spanning data of internal control personnel was collected from internal control reports. The professionalism(IC_EXP) was measured as the logarithm of the average working experience of internal control personnel in months. Negative conditional skewness(NSKEW) and down-to-up volatility (DUVOL) are used to measure firm-specific crash risk. Both measures are based on firm-specific weekly returns derived from the expanded market model. Results : We find that work experience in internal control environment is negatively related to stock price crashes. Specifically, skewness(NSKEW) and volatility (DUVOL) are reduced when firms have longer tenure of human resources in internal control division. The results imply that firms with experienced internal control personnel are less likely to experience stock price crashes. Conclusions : Stock price crashes occur when investors realize that stock prices have been inflated due to information asymmetry. There is a learning effect when internal control processes are done repetitively. Thus, firms with more experienced internal control personnel could manage their internal control more effectively. The results of this study suggest that firms could decrease information asymmetry by investing in human resources for their internal control system.

• Journal of Information Processing Systems
• /
• v.10 no.2
• /
• pp.240-255
• /
• 2014

Cloud computing has increasingly been drawing attention these days. Each big company in IT hurries to get a chunk of meat that promises to be a whopping market in the future. At the same time, information is always associated with security and risk problems. Nowadays, the handling of these risks is no longer just a technology problem, with a good deal of literature focusing on risk or security management and framework in the information system. In this paper, we find the specific business meaning of the BMIS model and try to apply and leverage this model to cloud risk. Through a previous study, we select and determine the causal risk factors in cloud service, which are also known as CSFs (Critical Success Factors) in information management. Subsequently, we distribute all selected CSFs into the BMIS model by mapping with ten principles in cloud risk. Finally, by using the leverage points, we try to leverage the model factors and aim to make a resource-optimized, dynamic, general risk control business model for cloud service providers.

• The Journal of Information Systems
• /
• v.28 no.2
• /
• pp.129-152
• /
• 2019

Purpose The purpose of this study is to empirically identify the risky behavior of mobile device users using the Internet of Things on a situational perspective. Design/methodology/approach This study made a design of the research model based on model of the determinants of risk behavior. Data were collected through a survey including hypothetical scenario. SmartPLS 2.0 was used for the structural model analysis and t-test was conducted to compare the between normal and situational behavior. Findings The results were as follows. First, the central roles of risk propriety and risk perception were verified empirically. Second, we identified the role of locus of control as a new factor of impact on risky behavior. Third, mobile risk propensity has been shown to increase risk perception. Fouth, it has been shown that risk perception does not directly affect risky behavior and reduce the relationship between mobile risk propensity and risk behavior. According to the empirical analysis result, Determinants of risk behavior for mobile users were identified based on a theoretical framework. And it raised the need to pay attention to the impact of locus of control on risk behavior in the IS security field. It provided direction to the approach to risky behavior of mobile device users. In addition, this study confirmed that there was a possibility of taking risky behavior in the actual decision-making.

• KSCE Journal of Civil and Environmental Engineering Research
• /
• v.32 no.4D
• /
• pp.313-322
• /
• 2012

This study analyzes taxi driver's risk-taking propensity with respect to risk-taking behaviour and traffic locus of control. In order to explore the traffic risk-taking, we present a predictive model by structural analysis of driver's risk-taking propensity. By applying this model to survey data from taxi drivers, we can observe that driver's risk-taking propensity has a significant impact on the traffic violation intention, and the higher perception of law and the lower lack of law-abiding drivers have, the more they tend to violate. Second, we test using multivariate analysis if the level of risk-taking propensity differs by the locus of control( external or internal). Drivers of external control shows higher risk-taking level compared to those of internal control so that the risk-taking propensity shows difference according to the locus of control for the responsibility of traffic accidents. The structural equation model of our study yielded ${\chi}^2$ = 279.7, ${\chi}^2$/df = 1.55, RMSEA = 0.44, GFI = 0.911, TLI = 0.916, CFI = 0.929.

• Safety and Health at Work
• /
• v.2 no.4
• /
• pp.375-379
• /
• 2011

Control Banding (CB) strategies to prevent work-related illness and injury for 2.5 billion workers without access to health and safety professionals has grown exponentially this last decade. CB originates from the pharmaceutical industry to control active pharmaceutical ingredients without a complete toxicological basis and therefore no occupational exposure limits. CB applications have broadened into chemicals in general - including new emerging risks like nanomaterials and recently into ergonomics and injury prevention. CB is an action-oriented qualitative risk assessment strategy offering solutions and control measures to users through "toolkits". Chemical CB toolkits are user-friendly approaches used to achieve workplace controls in the absence of firm toxicological and quantitative exposure information. The model (technical) validation of these toolkits is well described, however firm operational analyses (implementation aspects) are lacking. Consequentially, it is often not known if toolkit use leads to successful interventions at individual workplaces. This might lead to virtual safe workplaces without knowing if workers are truly protected. Upcoming international strategies from the World Health Organization Collaborating Centers request assistance in developing and evaluating action-oriented procedures for workplace risk assessment and control. It is expected that to fulfill this strategy's goals, CB approaches will continue its important growth in protecting workers.