136 J. Wei, L C Liu and K.S. Koong module(device)of this framework. The software component is covered by two modules (language and transaction). The network is covered by three modules(device, network access control, and access management), while the data is covered by four modules (device, network access control, access management and transaction). The people resource in information systems is required in all the five layers. Since these resources are mutually dependent on each other and encompass the earlier layers, it can concluded that the proposed framework does have high theoretical construct validity. Table 1 Comparisons of five layers in the framework with five resource components in Four component Five lavers Hardware Sofware Network Data People X X Language 4 Assessment of the m-commerce security framework In this study, two assessment methods are used to demonstrate how the m-commerce security framework proposed can actually be measured and evaluated. Both the methods are based on weighted performance scores that can be easily obtained from a variety of sources such as records in corporate archives or surveys of experts using a Delphi technique. The two examples are the spider-weighted and relative-weighted methods 4.1 The spider-weighted assessment method Based on the 5-S concept that originated in Japan, the spider-weighted method calls for regularly scoring each area within a facility on five characteristics related to good housekeeping and organisation of work space. Western companies have adapted and chosen their own meanings for implementing this assessment tool. For example, Boeings version of the 5-Ss covers sorting, sweeping, simplifying, standardising, and self-discipline. The 5-S system usually entails public display of scoring against the 5-Ss. Some companies employ spider diagrams as the display device(Knod and Schonberger, 2001) Similarly, in the first assessment example here, a spider diagram is also used as the display device(M) of the proposed model. The raw diagram has five arms that extends outward from a central point. Each arm representing one of the M,'s has a scale from zero to five points. A five at the outer boundary for each arm is the target for perfect security. a designated outside rater can be asked to rate each unit. The rater could be higher-level manager, a quality engineer, or security manager. When the scores or dots are connected to the arms, the rater will find a simple web. The larger the web, the closer it is to the five points at the outer boundary. Incidentally, along with the discipline of136 J. Wei, L.C. Liu and K.S. Koong module (device) of this framework. The software component is covered by two modules (language and transaction). The network is covered by three modules (device, network access control, and access management), while the data is covered by four modules (device, network access control, access management and transaction). The people resource in information systems is required in all the five layers. Since these resources are mutually dependent on each other and encompass the earlier layers, it can be concluded that the proposed framework does have high theoretical construct validity. Table 1 Comparisons of five layers in the framework with five resource components in information systems Four components Five layers Hardware Software Network Data People Device X X X X Language X X Network access control X X X Access management X X X X Transaction X X 4 Assessment of the m-commerce security framework In this study, two assessment methods are used to demonstrate how the m-commerce security framework proposed can actually be measured and evaluated. Both the methods are based on weighted performance scores that can be easily obtained from a variety of sources such as records in corporate archives or surveys of experts using a Delphi technique. The two examples are the spider-weighted and relative-weighted methods. 4.1 The spider-weighted assessment method Based on the 5-S concept that originated in Japan, the spider-weighted method calls for regularly scoring each area within a facility on five characteristics related to good housekeeping and organisation of work space. Western companies have adapted and chosen their own meanings for implementing this assessment tool. For example, Boeing’s version of the 5-Ss covers sorting, sweeping, simplifying, standardising, and self-discipline. The 5-S system usually entails public display of scoring against the 5-Ss. Some companies employ spider diagrams as the display device (Knod and Schonberger, 2001). Similarly, in the first assessment example here, a spider diagram is also used as the display device (M) of the proposed model. The raw diagram has five arms that extends outward from a central point. Each arm representing one of the M’s has a scale from zero to five points. A five at the outer boundary for each arm is the target for perfect security. A designated outside rater can be asked to rate each unit. The rater could be a higher-level manager, a quality engineer, or security manager. When the scores or dots are connected to the arms, the rater will find a simple web. The larger the web, the closer it is to the five points at the outer boundary. Incidentally, along with the discipline of