{"title":"利用 ASIS ESRM 成熟度模型衡量肯尼亚高等教育机构采用企业安全风险管理的情况","authors":"Levis Omusugu Amuya, Peterson Mwai Kariuki","doi":"10.1057/s41284-024-00418-4","DOIUrl":null,"url":null,"abstract":"<p>Enterprise Security Risk Management (ESRM) is gaining popularity in industry circles, especially after the American Society of Industrial Security (ASIS International) elevated it as its strategic priority in 2016. However, research on its adoption has attracted little attention, especially in universities which are often characterized by outstanding variations in culture, structure, and more. In this paper, we conduct a self-assessment of ESRM maturity in Kenya’s accredited universities using process metrics of the 2019 ASIS ESRM Maturity Model and insights from university security executives. The findings reveal that more than 35% of accredited universities have achieved advanced levels of ESRM adoption, with over 57% at average or middle levels, predominantly at Level 3. Public accredited universities exhibit higher ESRM adoption levels compared to their private counterparts. The study also identifies variations in the terminology used, with 60% using “Security Risk Management (SRM),” 35% using “University Risk Management,” and a minority adopting ESRM. The discomfort with the “enterprise” term indicates a need for awareness and sensitization programs. We argue that benchmarking with optimized ESRM adopters and increasing awareness and integration of ESRM in strategic planning and institutional governance are crucial for comprehensive security risk management in higher education.</p>","PeriodicalId":47023,"journal":{"name":"Security Journal","volume":null,"pages":null},"PeriodicalIF":0.2000,"publicationDate":"2024-02-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Measuring the adoption of Enterprise Security Risk Management in Kenya’s higher education using the ASIS ESRM Maturity Model\",\"authors\":\"Levis Omusugu Amuya, Peterson Mwai Kariuki\",\"doi\":\"10.1057/s41284-024-00418-4\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Enterprise Security Risk Management (ESRM) is gaining popularity in industry circles, especially after the American Society of Industrial Security (ASIS International) elevated it as its strategic priority in 2016. However, research on its adoption has attracted little attention, especially in universities which are often characterized by outstanding variations in culture, structure, and more. In this paper, we conduct a self-assessment of ESRM maturity in Kenya’s accredited universities using process metrics of the 2019 ASIS ESRM Maturity Model and insights from university security executives. The findings reveal that more than 35% of accredited universities have achieved advanced levels of ESRM adoption, with over 57% at average or middle levels, predominantly at Level 3. Public accredited universities exhibit higher ESRM adoption levels compared to their private counterparts. The study also identifies variations in the terminology used, with 60% using “Security Risk Management (SRM),” 35% using “University Risk Management,” and a minority adopting ESRM. The discomfort with the “enterprise” term indicates a need for awareness and sensitization programs. We argue that benchmarking with optimized ESRM adopters and increasing awareness and integration of ESRM in strategic planning and institutional governance are crucial for comprehensive security risk management in higher education.</p>\",\"PeriodicalId\":47023,\"journal\":{\"name\":\"Security Journal\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.2000,\"publicationDate\":\"2024-02-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Security Journal\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1057/s41284-024-00418-4\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"0\",\"JCRName\":\"LANGUAGE & LINGUISTICS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Security Journal","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1057/s41284-024-00418-4","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"0","JCRName":"LANGUAGE & LINGUISTICS","Score":null,"Total":0}
Measuring the adoption of Enterprise Security Risk Management in Kenya’s higher education using the ASIS ESRM Maturity Model
Enterprise Security Risk Management (ESRM) is gaining popularity in industry circles, especially after the American Society of Industrial Security (ASIS International) elevated it as its strategic priority in 2016. However, research on its adoption has attracted little attention, especially in universities which are often characterized by outstanding variations in culture, structure, and more. In this paper, we conduct a self-assessment of ESRM maturity in Kenya’s accredited universities using process metrics of the 2019 ASIS ESRM Maturity Model and insights from university security executives. The findings reveal that more than 35% of accredited universities have achieved advanced levels of ESRM adoption, with over 57% at average or middle levels, predominantly at Level 3. Public accredited universities exhibit higher ESRM adoption levels compared to their private counterparts. The study also identifies variations in the terminology used, with 60% using “Security Risk Management (SRM),” 35% using “University Risk Management,” and a minority adopting ESRM. The discomfort with the “enterprise” term indicates a need for awareness and sensitization programs. We argue that benchmarking with optimized ESRM adopters and increasing awareness and integration of ESRM in strategic planning and institutional governance are crucial for comprehensive security risk management in higher education.
期刊介绍:
The?Security Journal?is a dynamic publication that keeps you informed about the latest developments and techniques in security management. Written in an accessible style it is the world's premier peer-reviewed journal for today's security researcher and professional. The journal is affiliated to ASIS International and has an advisory board which includes representatives from major associations expert practitioners and leading academics.The?Security Journal?publishes papers at the cutting edge in developing ideas and improving practice focusing on the latest research findings on all aspects of security. Regular features include personal opinions and informed comment on key issues in security as well as incisive reviews of books videos and official reports.What are the benefits of subscribing?Learn from evaluations of the latest security measures policies and initiatives; keep up-to-date with new techniques for managing security as well as the latest findings and recommendations of independent research; understand new perspectives and how they inform the theory and practice of security management.What makes the journal distinct?Articles are jargon free and independently refereed; papers are at the cutting edge in developing ideas and improving practice; we have appointed an Advisory Board which includes representatives from leading associations skilled practitioners and the world's leading academics.How does the journal inform?The?Security Journal?publishes innovative papers highlighting the latest research findings on all aspects of security; incisive reviews of books videos and official reports; personal opinions and informed comment on key issues.Topics covered include:fraudevaluations of security measuresshop theftburglaryorganised crimecomputer and information securityrepeat victimisationviolence within the work placeprivate policinginsuranceregulation of the security industryCCTVtaggingaccess controlaviation securityhealth and safetyarmed robberydesigning out crimesecurity staffoffenders' viewsPlease note that the journal does not accept technical or mathematic submissions or research based on formulas or prototypes.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
