利用 ASIS ESRM 成熟度模型衡量肯尼亚高等教育机构采用企业安全风险管理的情况

IF 0.2 0 LANGUAGE & LINGUISTICS
Levis Omusugu Amuya, Peterson Mwai Kariuki
{"title":"利用 ASIS ESRM 成熟度模型衡量肯尼亚高等教育机构采用企业安全风险管理的情况","authors":"Levis Omusugu Amuya, Peterson Mwai Kariuki","doi":"10.1057/s41284-024-00418-4","DOIUrl":null,"url":null,"abstract":"<p>Enterprise Security Risk Management (ESRM) is gaining popularity in industry circles, especially after the American Society of Industrial Security (ASIS International) elevated it as its strategic priority in 2016. However, research on its adoption has attracted little attention, especially in universities which are often characterized by outstanding variations in culture, structure, and more. In this paper, we conduct a self-assessment of ESRM maturity in Kenya’s accredited universities using process metrics of the 2019 ASIS ESRM Maturity Model and insights from university security executives. The findings reveal that more than 35% of accredited universities have achieved advanced levels of ESRM adoption, with over 57% at average or middle levels, predominantly at Level 3. Public accredited universities exhibit higher ESRM adoption levels compared to their private counterparts. The study also identifies variations in the terminology used, with 60% using “Security Risk Management (SRM),” 35% using “University Risk Management,” and a minority adopting ESRM. The discomfort with the “enterprise” term indicates a need for awareness and sensitization programs. We argue that benchmarking with optimized ESRM adopters and increasing awareness and integration of ESRM in strategic planning and institutional governance are crucial for comprehensive security risk management in higher education.</p>","PeriodicalId":47023,"journal":{"name":"Security Journal","volume":"13 1","pages":""},"PeriodicalIF":0.2000,"publicationDate":"2024-02-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Measuring the adoption of Enterprise Security Risk Management in Kenya’s higher education using the ASIS ESRM Maturity Model\",\"authors\":\"Levis Omusugu Amuya, Peterson Mwai Kariuki\",\"doi\":\"10.1057/s41284-024-00418-4\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Enterprise Security Risk Management (ESRM) is gaining popularity in industry circles, especially after the American Society of Industrial Security (ASIS International) elevated it as its strategic priority in 2016. However, research on its adoption has attracted little attention, especially in universities which are often characterized by outstanding variations in culture, structure, and more. In this paper, we conduct a self-assessment of ESRM maturity in Kenya’s accredited universities using process metrics of the 2019 ASIS ESRM Maturity Model and insights from university security executives. The findings reveal that more than 35% of accredited universities have achieved advanced levels of ESRM adoption, with over 57% at average or middle levels, predominantly at Level 3. Public accredited universities exhibit higher ESRM adoption levels compared to their private counterparts. The study also identifies variations in the terminology used, with 60% using “Security Risk Management (SRM),” 35% using “University Risk Management,” and a minority adopting ESRM. The discomfort with the “enterprise” term indicates a need for awareness and sensitization programs. We argue that benchmarking with optimized ESRM adopters and increasing awareness and integration of ESRM in strategic planning and institutional governance are crucial for comprehensive security risk management in higher education.</p>\",\"PeriodicalId\":47023,\"journal\":{\"name\":\"Security Journal\",\"volume\":\"13 1\",\"pages\":\"\"},\"PeriodicalIF\":0.2000,\"publicationDate\":\"2024-02-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Security Journal\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1057/s41284-024-00418-4\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"0\",\"JCRName\":\"LANGUAGE & LINGUISTICS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Security Journal","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1057/s41284-024-00418-4","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"0","JCRName":"LANGUAGE & LINGUISTICS","Score":null,"Total":0}
引用次数: 0

摘要

企业安全风险管理(ESRM)在业界越来越受欢迎,尤其是在美国工业安全协会(ASIS International)于 2016 年将其提升为战略重点之后。然而,对其采用情况的研究却鲜有人关注,尤其是在文化、结构等方面往往存在突出差异的大学中。在本文中,我们利用 2019 ASIS ESRM 成熟度模型的流程指标和大学安全管理人员的见解,对肯尼亚经认证的大学的 ESRM 成熟度进行了自我评估。研究结果显示,超过 35% 的经认证大学在采用 ESRM 方面达到了高级水平,超过 57% 的大学处于平均或中等水平,主要是第 3 级。与私立大学相比,公立大学的 ESRM 应用水平更高。研究还发现了所用术语的差异,其中 60% 使用 "安全风险管理 (SRM)",35% 使用 "大学风险管理",少数采用 ESRM。对 "企业 "一词的不习惯表明,需要开展提高认识和宣传计划。我们认为,与ESRM的最佳采用者建立基准,提高对ESRM的认识并将其纳入战略规划和机构管理,对于高等教育的全面安全风险管理至关重要。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Measuring the adoption of Enterprise Security Risk Management in Kenya’s higher education using the ASIS ESRM Maturity Model

Enterprise Security Risk Management (ESRM) is gaining popularity in industry circles, especially after the American Society of Industrial Security (ASIS International) elevated it as its strategic priority in 2016. However, research on its adoption has attracted little attention, especially in universities which are often characterized by outstanding variations in culture, structure, and more. In this paper, we conduct a self-assessment of ESRM maturity in Kenya’s accredited universities using process metrics of the 2019 ASIS ESRM Maturity Model and insights from university security executives. The findings reveal that more than 35% of accredited universities have achieved advanced levels of ESRM adoption, with over 57% at average or middle levels, predominantly at Level 3. Public accredited universities exhibit higher ESRM adoption levels compared to their private counterparts. The study also identifies variations in the terminology used, with 60% using “Security Risk Management (SRM),” 35% using “University Risk Management,” and a minority adopting ESRM. The discomfort with the “enterprise” term indicates a need for awareness and sensitization programs. We argue that benchmarking with optimized ESRM adopters and increasing awareness and integration of ESRM in strategic planning and institutional governance are crucial for comprehensive security risk management in higher education.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
3.50
自引率
0.00%
发文量
35
期刊介绍: The?Security Journal?is a dynamic publication that keeps you informed about the latest developments and techniques in security management. Written in an accessible style it is the world's premier peer-reviewed journal for today's security researcher and professional. The journal is affiliated to ASIS International and has an advisory board which includes representatives from major associations expert practitioners and leading academics.The?Security Journal?publishes papers at the cutting edge in developing ideas and improving practice focusing on the latest research findings on all aspects of security. Regular features include personal opinions and informed comment on key issues in security as well as incisive reviews of books videos and official reports.What are the benefits of subscribing?Learn from evaluations of the latest security measures policies and initiatives; keep up-to-date with new techniques for managing security as well as the latest findings and recommendations of independent research; understand new perspectives and how they inform the theory and practice of security management.What makes the journal distinct?Articles are jargon free and independently refereed; papers are at the cutting edge in developing ideas and improving practice; we have appointed an Advisory Board which includes representatives from leading associations skilled practitioners and the world's leading academics.How does the journal inform?The?Security Journal?publishes innovative papers highlighting the latest research findings on all aspects of security; incisive reviews of books videos and official reports; personal opinions and informed comment on key issues.Topics covered include:fraudevaluations of security measuresshop theftburglaryorganised crimecomputer and information securityrepeat victimisationviolence within the work placeprivate policinginsuranceregulation of the security industryCCTVtaggingaccess controlaviation securityhealth and safetyarmed robberydesigning out crimesecurity staffoffenders' viewsPlease note that the journal does not accept technical or mathematic submissions or research based on formulas or prototypes.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信