{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T17:50:44Z","timestamp":1754157044696,"version":"3.41.2"},"reference-count":41,"publisher":"Emerald","issue":"5","license":[{"start":{"date-parts":[[2010,6,15]],"date-time":"2010-06-15T00:00:00Z","timestamp":1276560000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010,6,15]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-heading\">Purpose<\/jats:title><jats:p>Over the past decade, many small\u2010 and medium\u2010sized enterprises have incurred dramatic losses due to major disasters, causing loss of their business information systems and transaction data, so, they have started to outsource their information operations to data centers (DCs), in order to monitor critical business data operations. The purpose of this paper is to propose a dual\u2010sided business data integrity policy framework.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Design\/methodology\/approach<\/jats:title><jats:p>Based on a review of the available literature, case studies, and in\u2010depth interviews with top CEOs and experts in the field, a fuzzy Delphi method is proposed in two frameworks. In addition, a risk evaluation rule is derived by applying Bayesian decision analysis to mitigate the risk and lower the cost in their outsourcing policy; and Delphi method is used to extract 11 DC service quality evaluation indicators and also use these indicators to conduct a benchmark in Taiwan. Furthermore, the proposed framework is applied to figure out critical service advantages as well as suggestions for the DC involved in the benchmark.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Findings<\/jats:title><jats:p>The results of framework point out that enterprises should monitor the four operation elements (facility and infrastructure, server system management, information security management, and disaster recovery (DR) mechanism) to ensure and improve their data integrity; and DC firms need to build robust facilities and services in the five operation elements (customizability, serviceability, information technology infrastructure, security management, and knowledge intensity).<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Originality\/value<\/jats:title><jats:p>This paper uses a hybrid Delphi\u2010Bayesian method to propose a new framework, which is adequately integrated with the consensus of experts and business decision makers; higher professionalism and content validity are achieved. Enterprises can use these indicators to evaluate the service quality of DCs among DC firms. <\/jats:p><\/jats:sec>","DOI":"10.1108\/03684921011043260","type":"journal-article","created":{"date-parts":[[2010,7,3]],"date-time":"2010-07-03T07:12:34Z","timestamp":1278141154000},"page":"800-824","source":"Crossref","is-referenced-by-count":5,"title":["A hybrid Delphi\u2010Bayesian method to establish business data integrity policy"],"prefix":"10.1108","volume":"39","author":[{"given":"Ming\u2010Kuen","family":"Chen","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shih\u2010Ching","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"140","reference":[{"key":"key2021010620352938200_b2","unstructured":"Bishop, T. (2008), \u201cBuilding a Better Data Center \u2013 the dos and don'ts of state\u2010of\u2010the\u2010art data center design\u201d, Wall Street & Technology, Vol. 26 No. 10, p. 36."},{"key":"key2021010620352938200_b1","unstructured":"Brenner, J. (2007), No Place to Hide, Risk Management, New York, NY, pp. 24\u20109."},{"key":"key2021010620352938200_b3","unstructured":"Carter, K. and Pultorak, D. (2003), \u201cITIL, COBIT, CMMI, balanced scorecard, IS\u20109000, six sigma: putting them all together\u201d, available at: www.pultorak.com\/www\/pdf_files (accessed November 1, 2005)."},{"key":"key2021010620352938200_b4","unstructured":"Chang, P.T., Huang, L.C. and Lin, H.J. (2000), \u201cThe fuzzy Delphi via fuzzy statistics and membership function fitting and an application to human resources\u201d, Fuzzy Sets and Systems, Vol. 112, pp. 511\u201020."},{"key":"key2021010620352938200_b5","unstructured":"Doherty, N.F. and Fulford, H. (2005), \u201cInformation security policies reduce the incidence of security breaches: an exploratory analysis\u201d, Information Resources Management Journal, Vol. 18 No. 4, pp. 21\u201040."},{"key":"key2021010620352938200_b6","unstructured":"Dugmore, J. (2004), \u201cBS15000: past, present and future\u201d, Servicetalk, Vol. 4."},{"key":"key2021010620352938200_b7","unstructured":"Eloff, J.H.P. and Eloff, M. (2005), \u201cIntegrated information security architecture\u201d, Computer Fraud & Security, Vol. 11, pp. 10\u201016."},{"key":"key2021010620352938200_b8","unstructured":"Gable, G.G. (1994), \u201cIntegrating case study and survey research methods: an example in information systems\u201d, European Journal of Information Systems, Vol. 3 No. 2, pp. 112\u201026."},{"key":"key2021010620352938200_b9","unstructured":"Ganek, A. and Kloeckner, K. (2007), \u201cAn overview of IBM service management\u201d, IBM Systems Journal, Vol. 46 No. 3, pp. 375\u201085."},{"key":"key2021010620352938200_b10","unstructured":"Garg, A., Curtis, J. and Halper, H. (2003), \u201cQuantifying the financial impact of information security breaches\u201d, Information Management & Computer Security, Vol. 77 No. 2, pp. 74\u201083."},{"key":"key2021010620352938200_b11","unstructured":"Glazer, R. (1993), \u201cMeasuring the value of information: the information intensive organization\u201d, IBM Systems Journal, Vol. 32, pp. 99\u2010110."},{"key":"key2021010620352938200_b12","unstructured":"Hinde, S. (2002), \u201cSecurity surveys spring crop\u201d, Computers and Security, Vol. 27 No. 4, pp. 310\u201021."},{"key":"key2021010620352938200_b14","doi-asserted-by":"crossref","unstructured":"Hone, K. and Eloff, J.H.P. (2002a), \u201cInformation security policy: what do international security standards say\u201d, Computers & Security, Vol. 27 No. 5, pp. 402\u20109.","DOI":"10.1016\/S0167-4048(02)00504-7"},{"key":"key2021010620352938200_b15","doi-asserted-by":"crossref","unstructured":"Hone, K. and Eloff, J.H.P. (2002b), \u201cWhat makes an effective information security policy\u201d, Network Security, Vol. 20 No. 6, pp. 14\u201016.","DOI":"10.1016\/S1353-4858(02)06011-7"},{"key":"key2021010620352938200_b13","doi-asserted-by":"crossref","unstructured":"Hong, K.Y., Chao, C.L. and Tang, J. (2003), \u201cAn integrated system theory of information security management\u201d, Information Management & Computer Security, Vol. 11 No. 4, pp. 243\u20108.","DOI":"10.1108\/09685220310500153"},{"key":"key2021010620352938200_b16","unstructured":"Iijima, T. (2006), \u201cIT outsourcing: can you really justify it?\u201d, The Journal of Corporate Accounting & Finance, Vol. 7 No. 5, pp. 41\u201050."},{"key":"key2021010620352938200_b21","unstructured":"ISO\/IEC 17799 (2005), \u201cInformation technology\/security techniques\/code of practice for information security management\u201d, ISO\/IEC 17799, ISO\/IEC, London."},{"key":"key2021010620352938200_b20","unstructured":"ISO\/IEC 20000\u20101 (2005), \u201cInformation technology \u2013 service management \u2013 Part 1: specification\u201d, ISO\/IEC 20000\u20101, ISO\/IEC, London."},{"key":"key2021010620352938200_b18","unstructured":"ITIL (2007), \u201cService management practices: V3 qualifications scheme\u201d, OGC, Version 1.4, available at: www.itil\u2010officialsite.com\/Qualifications\/ITILV3QualificationScheme.asp."},{"key":"key2021010620352938200_b17","unstructured":"ITIL Back Catalogue (2005), The Stationary Office, available at: www.tso.co.uk\/itil\/ (accessed November 15, 2009)."},{"key":"key2021010620352938200_b23","doi-asserted-by":"crossref","unstructured":"Jones, A. (2007), \u201cA framework for the management of information security risks\u201d, BT Technology Journal, Vol. 25 No. 1, pp. 30\u20106.","DOI":"10.1007\/s10550-007-0005-9"},{"key":"key2021010620352938200_b25","unstructured":"Lindenmayer, G. (2007), \u201cInformation security standards: the 10 keys to protecting your network\u201d, Risk Management, Vol. 54 No. 12, p. 11."},{"key":"key2021010620352938200_b27","unstructured":"McCarthy, M.P. and Campbell, S. (2001), Security Transformation, McGraw\u2010Hill, New York, NY."},{"key":"key2021010620352938200_b28","unstructured":"Murry, J.W. and Hommons, J.O. (1995), \u201cDelphi: a versatile methodology for conducting qualitative research\u201d, The Review of Higher Education, Vol. 18 No. 4, pp. 423\u201036."},{"key":"key2021010620352938200_b29","unstructured":"OGC, Ed. (2005), \u201cIntroduction ITIL\u201d, ser. IT Infrastructure Library, The Stationery Office, Norwich."},{"key":"key2021010620352938200_b31","unstructured":"Olli, V. (1997), \u201cBayesian decision analysis for environmental and resource management\u201d, Environmental Modelling & Software, Vol. 12 No. 2, pp. 177\u201085."},{"key":"key2021010620352938200_b32","unstructured":"Ovum Research (2007), available at: www.ovum.com\/expertise\/itservices\/ (accessed November 9, 2009)."},{"key":"key2021010620352938200_b33","unstructured":"Parker, D.B. (1997), \u201cThe strategic values of information security in business\u201d, Computers & Security, Vol. 16 No. 7, pp. 572\u201082."},{"key":"key2021010620352938200_b34","unstructured":"Radkevitch, U., Heck, E. and Koppius, O. (2006), \u201cLeveraging offshore IT outsourcing by SMEs through online marketplaces\u201d, Journal of Information Technology Case and Application Research, Vol. 8 No. 3, pp. 41\u201057."},{"key":"key2021010620352938200_b35","doi-asserted-by":"crossref","unstructured":"Rees, J., Bandyopadhyay, S. and Spafford, E.H. (2003), \u201cPFIRES: a policy framework for information security\u201d, Communications of the ACM, Vol. 46 No. 7, pp. 101\u20106.","DOI":"10.1145\/792704.792706"},{"key":"key2021010620352938200_b36","unstructured":"Ren\u00e9, S.G. (2005), \u201cInformation security management best practice based on ISO\/IEC 17799\u201d, Information Management Journal, Vol. 39 No. 4, pp. 60\u20106."},{"key":"key2021010620352938200_b37","unstructured":"Rycroft, S. and Tully, M. (2007), \u201cBuilding an information security meta standard\u201d, BT Technology Journal, Vol. 25 No. 1, pp. 37\u201041."},{"key":"key2021010620352938200_b38","unstructured":"Shenoy, P.P. (1992), \u201cValuation\u2010based systems for Bayesian decision analysis\u201d, Operations Research, Vol. 40 No. 3, pp. 463\u201084."},{"key":"key2021010620352938200_b39","doi-asserted-by":"crossref","unstructured":"Siponen, M. (2000), \u201cPolicies for construction of information systems' security guidelines\u201d, Proceedings of the 15th International Information Security Conference, Beijing.","DOI":"10.1007\/978-0-387-35515-3_12"},{"key":"key2021010620352938200_b40","unstructured":"Straub, D.W. and Welke, R.J. (1998), \u201cCoping with systems risk: security planning models for management decision making\u201d, MIS Quarterly, Vol. 22 No. 4, pp. 441\u201070."},{"key":"key2021010620352938200_b41","unstructured":"Tudor, J.K. (2000), Information Security Architecture \u2013 An Integrated Approach to Security in an Organization, Auerbach, Boca Raton, FL."},{"key":"key2021010620352938200_b42","unstructured":"Veiga, A.D. and Eloff, J.H.P. (2007), \u201cAn information security governance framework\u201d, Journal of Information Systems Management, Vol. 24 No. 4, pp. 361\u201073."},{"key":"key2021010620352938200_b43","doi-asserted-by":"crossref","unstructured":"von Solms, B. and von Solms, R. (2004), \u201cThe ten deadly sins of information security management\u201d, Computers & Security, Vol. 25, pp. 371\u20106.","DOI":"10.1016\/j.cose.2004.05.002"},{"key":"key2021010620352938200_b44","unstructured":"Xiaomo, J. and Sankaran, M. (2007), \u201cBayesian risk\u2010based decision method for model validation under uncertainty\u201d, Reliability Engineering & System Safety, Vol. 92 No. 6, pp. 707\u201018."},{"key":"key2021010620352938200_b45","unstructured":"Yang, J.M., Kim, J.G. and Im, J.I. (2007), \u201cP\u2010IDC: information security and consideration in building internet data centers for pervasive environment\u201d, in Advances in Web and Network Technologies, and Information Management, Lecture Notes in Computer Science, Vol. 4537, Springer, Berlin, pp. 583\u201092."},{"key":"key2021010620352938200_b46","unstructured":"Zadeh, L.A. (1965), \u201cFuzzy sets\u201d, Information and Control, Vol. 8, pp. 338\u201053."}],"container-title":["Kybernetes"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/03684921011043260","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/03684921011043260\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/03684921011043260\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,24]],"date-time":"2025-07-24T23:26:57Z","timestamp":1753399617000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/k\/article\/39\/5\/800-824\/450360"}},"subtitle":["A benchmark data center case study"],"editor":[{"given":"Desheng","family":"Dash Wu","sequence":"first","affiliation":[],"role":[{"role":"editor","vocabulary":"crossref"}]}],"short-title":[],"issued":{"date-parts":[[2010,6,15]]},"references-count":41,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2010,6,15]]}},"alternative-id":["10.1108\/03684921011043260"],"URL":"https:\/\/doi.org\/10.1108\/03684921011043260","relation":{},"ISSN":["0368-492X"],"issn-type":[{"type":"print","value":"0368-492X"}],"subject":[],"published":{"date-parts":[[2010,6,15]]}}}