Abstract
This research paper focuses on the security of strategic information during the hiring process.  Information control and communication channel vulnerabilities are identified through the process-based risk assessment and human factor analysis. A control procedure is proposed to address these security concerns through system design and information flow improvements in the recruitment process. This proposed control procedure can also serve as a base model for different human resource functions to integrate and create uniformity in risk mitigation to maximize and streamline the management’s efforts and resources in managing the information related risks in different human resource processes.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Khanmohammadi, K., Houmb, S.H.: Business Process-based Information Security Risk Assessment. In: 4th International Conference on Network and System Security (2010), http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=5635519
Shappell, S.A.: The Human Factors Analysis and Classification System (HFACS), National Technical Information Service, Springfield, Virginia (2000), http://www.nifc.gov/fireInfo/fireInfo_documents/humanfactors_classAnly.pdf
NIST SP 800-53 Rev.3 Recommended Security Controls for Federal Information Systems and Organizations (2009), http://csrc.nist.gov/publications/nistpubs/800-53-Rev3/sp800-53-rev3-final_updated-errata_05-01-2010.pdf
FIPS PUB 199 Standards for Security Categorization of Federal Information and Information Systems (2004)
Solms, B.V.: Corporate Governance and Information Security. Computer and Security 20, 215–218 (2001)
NIST SP 800-53A Rev.1 Guide for Assessing the Security Controls in Federal Information Systems and Organizations, Building Effective Security Assessment Plans, http://csrc.nist.gov/publications/nistpubs/800-53A-rev1/sp800-53A-rev1-final.pdf
An Introduction to the Business Model for Information Security. Information Systems Audit and Control Association, ISACA (2009), http://www.isaca.org/Knowledge-Center/Research/Documents/Intro-Bus-Model-InfoSec-22Jan09-Research.pdf
Catano, V.M., et al.: Recruitment and Selection in Canada, 3rd edn., Toronto, Canada, pp. 3–11. Thomson Nelson (2005)
Flouris, T., Yilmaz, K.A.: The risk management framework to strategic human resource management. International Research Journal of Finance and Economics 36 (2010), http://www.eurojournals.com/irjfe_36_03.pdf
Rezende, R.V., Carvalho, C.S.: Selection of executives through in-house recruitment. In: Engineering Management Conference, Sao Paolo, pp. 356–359 (1994)
Dafoulas, G.A., Nikolau, A., Turega, M.: E-Service in the internet job market. In: 36th Hawaii International Conference on System Sciences (2003), http://www.hicss.hawaii.edu/HICSS36/HICSSpapers/DTESS04.pdf
Ruskova, N.: Decision Support System for Human Resource Appraisal and Selection. In: 1st International IEEE Symposium on Intelligent Systems, vol. 1, pp. 354–357 (2002)
Dart, D.: What Are the Real Costs of a Bad Hire? Ezine Articles, http://ezinearticles.com/?What-Are-The-Real-Costs-of-a-Bad-Hire?&id=6421866
Yager, F.: Costs of Hiring the Wrong Person Go beyond the Financial. eFinancialCareers (2011), http://news.efinancialcareers.com/News_ITEM/newsItemId-35369
Bardin, J.: The Brave New World of InfoSec, Moving to a Risk-Based Organization – NIST 800-37 Revision 1 (2010), http://blogs.csoonline.com/1188/moving_to_a_risk_based_organization_nist-800_37_rev_1
Barner, R.: Talent Wars in the Executive Suite. The Futurist 34(3), 35 (2000), http://www.allbusiness.com/management/534851-1.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Syed, K., Zavarsky, P., Lindskog, D., Ruhl, R., Aghili, S. (2012). Proposed Control Procedure to Mitigate the Risks of Strategic Information Outflow in the Recruitment Process. In: Fischer-Hübner, S., Katsikas, S., Quirchmayr, G. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2012. Lecture Notes in Computer Science, vol 7449. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32287-7_5
Download citation
DOI: https://doi.org/10.1007/978-3-642-32287-7_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32286-0
Online ISBN: 978-3-642-32287-7
eBook Packages: Computer ScienceComputer Science (R0)