{"id":"https://openalex.org/W2620034723","doi":"https://doi.org/10.1108/ics-07-2016-0053","title":"Analysing information security in a bank using soft systems methodology","display_name":"Analysing information security in a bank using soft systems methodology","publication_year":2017,"publication_date":"2017-05-24","ids":{"openalex":"https://openalex.org/W2620034723","doi":"https://doi.org/10.1108/ics-07-2016-0053","mag":"2620034723"},"language":"en","primary_location":{"id":"doi:10.1108/ics-07-2016-0053","is_oa":false,"landing_page_url":"https://doi.org/10.1108/ics-07-2016-0053","pdf_url":null,"source":{"id":"https://openalex.org/S4210195545","display_name":"Information and Computer Security","issn_l":"2056-4961","issn":["2056-4961","2056-497X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information &amp; Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://research.edgehill.ac.uk/ws/files/20198397/Analysing%20IS%20using%20SSM%20V2.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5010352172","display_name":"Temesgen Kitaw Damenu","orcid":null},"institutions":[{"id":"https://openalex.org/I165525304","display_name":"Edge Hill University","ror":"https://ror.org/028ndzd53","country_code":"GB","type":"education","lineage":["https://openalex.org/I165525304"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Temesgen Kitaw Damenu","raw_affiliation_strings":["Department of Computing, Edge Hill University, Lancashire, UK"],"affiliations":[{"raw_affiliation_string":"Department of Computing, Edge Hill University, Lancashire, UK","institution_ids":["https://openalex.org/I165525304"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5073610826","display_name":"Chris Beaumont","orcid":"https://orcid.org/0000-0002-6421-4871"},"institutions":[{"id":"https://openalex.org/I165525304","display_name":"Edge Hill University","ror":"https://ror.org/028ndzd53","country_code":"GB","type":"education","lineage":["https://openalex.org/I165525304"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Chris Beaumont","raw_affiliation_strings":["Department of Computing, Edge Hill University, Lancashire, UK"],"affiliations":[{"raw_affiliation_string":"Department of Computing, Edge Hill University, Lancashire, UK","institution_ids":["https://openalex.org/I165525304"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5010352172"],"corresponding_institution_ids":["https://openalex.org/I165525304"],"apc_list":null,"apc_paid":null,"fwci":2.5257,"has_fulltext":true,"cited_by_count":26,"citation_normalized_percentile":{"value":0.91439689,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"25","issue":"3","first_page":"240","last_page":"258"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11572","display_name":"Information Technology Governance and Strategy","score":0.9847000241279602,"subfield":{"id":"https://openalex.org/subfields/1404","display_name":"Management Information Systems"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/corporate-governance","display_name":"Corporate governance","score":0.569318413734436},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.5546459555625916},{"id":"https://openalex.org/keywords/soft-systems-methodology","display_name":"Soft systems methodology","score":0.5393379330635071},{"id":"https://openalex.org/keywords/originality","display_name":"Originality","score":0.5340251922607422},{"id":"https://openalex.org/keywords/information-system","display_name":"Information system","score":0.4772990942001343},{"id":"https://openalex.org/keywords/information-governance","display_name":"Information governance","score":0.4760044515132904},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.4718886613845825},{"id":"https://openalex.org/keywords/knowledge-management","display_name":"Knowledge management","score":0.4475935101509094},{"id":"https://openalex.org/keywords/information-security-management","display_name":"Information security management","score":0.43624088168144226},{"id":"https://openalex.org/keywords/sample","display_name":"Sample (material)","score":0.4252350628376007},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.4023224115371704},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.3376408517360687},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.3354014456272125},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.32279881834983826},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.28869128227233887},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.229461669921875},{"id":"https://openalex.org/keywords/management-information-systems","display_name":"Management information systems","score":0.20912328362464905},{"id":"https://openalex.org/keywords/qualitative-research","display_name":"Qualitative research","score":0.1979639232158661},{"id":"https://openalex.org/keywords/sociology","display_name":"Sociology","score":0.18268626928329468},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.16305479407310486},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.1544511914253235},{"id":"https://openalex.org/keywords/finance","display_name":"Finance","score":0.1359398365020752}],"concepts":[{"id":"https://openalex.org/C39389867","wikidata":"https://www.wikidata.org/wiki/Q380767","display_name":"Corporate governance","level":2,"score":0.569318413734436},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.5546459555625916},{"id":"https://openalex.org/C141846272","wikidata":"https://www.wikidata.org/wiki/Q613474","display_name":"Soft systems methodology","level":4,"score":0.5393379330635071},{"id":"https://openalex.org/C2776950860","wikidata":"https://www.wikidata.org/wiki/Q2914681","display_name":"Originality","level":3,"score":0.5340251922607422},{"id":"https://openalex.org/C180198813","wikidata":"https://www.wikidata.org/wiki/Q121182","display_name":"Information system","level":2,"score":0.4772990942001343},{"id":"https://openalex.org/C189922023","wikidata":"https://www.wikidata.org/wiki/Q17056348","display_name":"Information governance","level":4,"score":0.4760044515132904},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.4718886613845825},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.4475935101509094},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.43624088168144226},{"id":"https://openalex.org/C198531522","wikidata":"https://www.wikidata.org/wiki/Q485146","display_name":"Sample (material)","level":2,"score":0.4252350628376007},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.4023224115371704},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.3376408517360687},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3354014456272125},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.32279881834983826},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.28869128227233887},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.229461669921875},{"id":"https://openalex.org/C29848774","wikidata":"https://www.wikidata.org/wiki/Q61905","display_name":"Management information systems","level":3,"score":0.20912328362464905},{"id":"https://openalex.org/C190248442","wikidata":"https://www.wikidata.org/wiki/Q839486","display_name":"Qualitative research","level":2,"score":0.1979639232158661},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.18268626928329468},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.16305479407310486},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.1544511914253235},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.1359398365020752},{"id":"https://openalex.org/C36289849","wikidata":"https://www.wikidata.org/wiki/Q34749","display_name":"Social science","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C119599485","wikidata":"https://www.wikidata.org/wiki/Q43035","display_name":"Electrical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C43617362","wikidata":"https://www.wikidata.org/wiki/Q170050","display_name":"Chromatography","level":1,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1108/ics-07-2016-0053","is_oa":false,"landing_page_url":"https://doi.org/10.1108/ics-07-2016-0053","pdf_url":null,"source":{"id":"https://openalex.org/S4210195545","display_name":"Information and Computer Security","issn_l":"2056-4961","issn":["2056-4961","2056-497X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information &amp; Computer Security","raw_type":"journal-article"},{"id":"pmh:oai:pure.atira.dk:openaire/3d505c03-244a-4e6b-acfa-8da866e52c24","is_oa":true,"landing_page_url":"https://research.edgehill.ac.uk/en/publications/3d505c03-244a-4e6b-acfa-8da866e52c24","pdf_url":"https://research.edgehill.ac.uk/ws/files/20198397/Analysing%20IS%20using%20SSM%20V2.pdf","source":{"id":"https://openalex.org/S4306402462","display_name":"Edge Hill University Research Information Repository (Edge Hill University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I165525304","host_organization_name":"Edge Hill University","host_organization_lineage":["https://openalex.org/I165525304"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Temesgen Kitaw, D & Beaumont, C 2017, 'Analysing information security in a bank using soft systems methodology', Information and Computer Security, vol. 25, no. 3, pp. 240-258. https://doi.org/10.1108/ICS-07-2016-0053","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:repository.edgehill.ac.uk:8956","is_oa":false,"landing_page_url":"http://repository.edgehill.ac.uk/8956/1/Analysing%20IS%20using%20SSM%20V2.pdf","pdf_url":null,"source":{"id":"https://openalex.org/S4406922844","display_name":"Edge Hill University Research Archive","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Article"}],"best_oa_location":{"id":"pmh:oai:pure.atira.dk:openaire/3d505c03-244a-4e6b-acfa-8da866e52c24","is_oa":true,"landing_page_url":"https://research.edgehill.ac.uk/en/publications/3d505c03-244a-4e6b-acfa-8da866e52c24","pdf_url":"https://research.edgehill.ac.uk/ws/files/20198397/Analysing%20IS%20using%20SSM%20V2.pdf","source":{"id":"https://openalex.org/S4306402462","display_name":"Edge Hill University Research Information Repository (Edge Hill University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I165525304","host_organization_name":"Edge Hill University","host_organization_lineage":["https://openalex.org/I165525304"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Temesgen Kitaw, D & Beaumont, C 2017, 'Analysing information security in a bank using soft systems methodology', Information and Computer Security, vol. 25, no. 3, pp. 240-258. https://doi.org/10.1108/ICS-07-2016-0053","raw_type":"info:eu-repo/semantics/publishedVersion"},"sustainable_development_goals":[{"display_name":"Partnerships for the goals","id":"https://metadata.un.org/sdg/17","score":0.4300000071525574}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2620034723.pdf","grobid_xml":"https://content.openalex.org/works/W2620034723.grobid-xml"},"referenced_works_count":31,"referenced_works":["https://openalex.org/W77672729","https://openalex.org/W126978142","https://openalex.org/W136761408","https://openalex.org/W183366406","https://openalex.org/W212776514","https://openalex.org/W229219465","https://openalex.org/W624366721","https://openalex.org/W840505890","https://openalex.org/W1508514464","https://openalex.org/W1970423488","https://openalex.org/W1980602065","https://openalex.org/W2000049229","https://openalex.org/W2009998162","https://openalex.org/W2026736862","https://openalex.org/W2049188895","https://openalex.org/W2049571112","https://openalex.org/W2067092684","https://openalex.org/W2080940090","https://openalex.org/W2081657462","https://openalex.org/W2087952459","https://openalex.org/W2088489410","https://openalex.org/W2118069404","https://openalex.org/W2128335704","https://openalex.org/W2130638840","https://openalex.org/W2131997083","https://openalex.org/W2138911059","https://openalex.org/W2149739119","https://openalex.org/W2157601222","https://openalex.org/W2231805777","https://openalex.org/W2253767063","https://openalex.org/W2612088164"],"related_works":["https://openalex.org/W1585855485","https://openalex.org/W2149739119","https://openalex.org/W2219986456","https://openalex.org/W2516800336","https://openalex.org/W1567258312","https://openalex.org/W3082241489","https://openalex.org/W196776657","https://openalex.org/W2586313830","https://openalex.org/W1502058423","https://openalex.org/W2557604914"],"abstract_inverted_index":{"Purpose":[0],"This":[1,113,184],"paper":[2,252],"aims":[3],"to":[4,13,70,201,233,254],"explore":[5],"the":[6,15,44,63,85,88,213,217,255,287],"use":[7],"of":[8,40,87,106,216],"soft":[9],"systems":[10],"methodology":[11],"(SSM)":[12],"analyse":[14],"socio-technical":[16],"information":[17,65,248],"security":[18,49,66,109,129,142,204,218,249],"issues":[19,130],"in":[20,43,104,247,269],"a":[21,31,37,116,174,225,237,275,290],"major":[22,32],"bank.":[23,33],"Design/methodology/approach":[24],"Case":[25],"study":[26,119,185,227],"research":[27,114],"was":[28,58,222],"conducted":[29],"on":[30,160],"Semi-structured":[34],"interviews":[35],"with":[36,92,102,157],"purposive":[38],"sample":[39],"key":[41],"stakeholders":[42],"business,":[45],"comprising":[46],"senior":[47],"managers,":[48],"professionals":[50],"and":[51,78,90,108,120,134,145,150,162,235,278],"branch":[52],"employees":[53,161],"were":[54,74,97],"conducted.":[55],"Findings":[56],"SSM":[57,172,195],"particularly":[59,210],"useful":[60],"for":[61,169,177,240,286],"exploring":[62],"holistic":[64,203,207],"issues,":[67],"enabling":[68],"models":[69],"be":[71,124,191],"constructed":[72],"which":[73,83],"valuable":[75],"analytical":[76],"tools":[77],"easily":[79],"understood":[80],"by":[81,193],"stakeholders,":[82],"increased":[84],"receptiveness":[86],"bank,":[89],"assisted":[91],"member":[93],"validation.":[94],"Significant":[95],"risks":[96],"apparent":[98],"from":[99,281],"internal":[100],"sources":[101],"weaknesses":[103],"aspects":[105],"governance":[107],"culture.":[110],"Research":[111],"limitations/implications":[112],"uses":[115],"single":[117],"case":[118,226,283],"whilst":[121],"it":[122,126,229,264],"cannot":[123],"generalised,":[125],"identifies":[127],"potential":[128],"others":[131],"may":[132,137],"face":[133],"solutions":[135],"they":[136],"apply.":[138],"Practical":[139],"implications":[140],"Information":[141],"is":[143,167,173,209,230,236,261,265],"complex":[144],"addresses":[146],"technical,":[147],"governance,":[148],"management":[149],"cultural":[151],"risks.":[152],"Banking":[153,221],"attacks":[154],"are":[155,245],"changing,":[156],"greater":[158],"focus":[159],"customers.":[163],"A":[164,206],"systemic":[165],"approach":[166,176,208],"required":[168],"full":[170],"consideration.":[171],"suitable":[175],"such":[178,270],"analysis":[179],"within":[180],"large":[181],"organisations.":[182],"Originality/value":[183],"demonstrates":[186],"how":[187],"important":[188,211,266],"benefits":[189],"can":[190],"obtained":[192],"using":[194],"alongside":[196],"traditional":[197],"risk":[198],"assessment":[199],"approaches":[200],"identify":[202],"issues.":[205],"given":[212],"increasing":[214],"complexity":[215],"threat":[219],"surface.":[220],"selected":[223],"as":[224,289],"because":[228],"both":[231],"critical":[232],"society":[234],"prime":[238],"target":[239],"attack.":[241],"Furthermore,":[242],"developing":[243],"economies":[244,271],"under-represented":[246],"research,":[250],"this":[251,282],"adds":[253],"evidence":[256],"base.":[257],"As":[258],"global":[259],"finance":[260],"highly":[262],"interconnected,":[263],"that":[267],"banks":[268],"do":[272],"not":[273],"comprise":[274],"weak":[276],"link,":[277],"hence,":[279],"results":[280],"have":[284],"value":[285],"industry":[288],"whole.":[291]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":9},{"year":2020,"cited_by_count":3},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1}],"updated_date":"2026-03-30T08:08:38.191290","created_date":"2025-10-10T00:00:00"}