My research is mainly in decision analysis, with recent applications in cybersecurity, military, and defense. I also have experience with inventory, especially spare parts. I help organizations make better decisions, which extends to many application areas.
Cybersecurity
My published research in cybersecurity primarily addresses metrics, best practices, and human behavior. My main focus right now is cyber, physical, and insider threats to voting processes, especially at polling places. This includes a model insider threat risk management as well as training for poll workers. Visit my Media for a profile of my student team’s work in cybersecurity and for news articles related to my work in elections security.
Elections Security
Protecting Maryland’s Mail Voting Processes through Poll Worker Training
Vanessa Gregorio, Josh Dehlinger, Natalie M. Scala
Baltimore Business Review: A Maryland Journal, , p. 26-30, 2024
The COVID-19 pandemic necessitated the broadening of vote-by-mail opportunities to allow for safe and accessible access to cast a ballot. Maryland residents can also now choose to permanently vote by mail, receiving a ballot for each election. The nearly 1 million poll workers needed nationwide to administer a General Election are oftentimes the first line of defense in maintaining the integrity and security of elections. This paper further contributes to improving the security and integrity of election infrastructure through cyber, physical, and insider threat training for poll workers explicitly for the vote-by-mail processes. Specifically, this paper details the design, validation, and dissemination of a vote-by-mail threat training module.
Preparing Poll Workers to Secure U.S. Elections
Natalie M. Scala, Josh Dehlinger, Lorraine Black
Proceedings of the American Society for Engineering Management 2023 International Annual Conference
With their pivotal role as the first line of defense on Election Day, poll workers bear the responsibility of identifying and thwarting any potential threats that may arise. However, despite their crucial role, poll workers receive minimal, if any, specific training on security threats prior to elections. To address this gap, this research investigates poll worker threat awareness through developing, piloting, and evaluating online threat training modules for poll workers. Through statistical analysis, we show the training modules are effective in increasing poll workers' understanding of cyber, physical, and insider threats and how to mitigate them.
Evaluating Mail-Based Security for Electoral Processes Using Attack Trees
Natalie M. Scala, Paul L. Goethals, Josh Dehlinger, Yeabsira Mezgebe, Betelhem Jilcha, Isabella Bloomquist
Risk Analysis, 42(10), p. 2327-2343, 2022
The objective of this research is to provide greater insight into potential threats to mail-based voting processes. Upon identifying an attack tree provided by the Elections Assistance Commission as an initial structure for evaluation, new threats are postulated, and an updated tree is proposed that accounts for more recent activities related to adaptive adversaries and COVID-19. Then, using an established assessment framework, the relative likelihood of each mail-based voting process attack scenario is identified. The results facilitate providing election officials and policy makers with greater knowledge of how mail-based voting system vulnerabilities develop as well as specific security measures that may be most beneficial. Additional info: Voting Methods by State During 2020 Elections; HotSoS Presentation
Securing Organizations from Within: Opportunities and Challenges of Trusted Insiders
Natalie M. Scala, Josh Dehlinger, Yeabsira Mezgebe
Baltimore Business Review: A Maryland Journal, p. 16-20, 2022
This paper discusses awareness of insider risk in organizations, identifying actions that can be taken to address and mitigate threat. We also discuss the industry trend of shifting from reactive to proactive insider risk management, as well as the role AI and machine learning have had in identifying and managing risk. Specifically, the Security Behaviors Intentions Scale (SeBIS) has been used to build AI models for insider risk, and we provide a high-level overview of one such model for elections poll workers, who are trusted insiders responsible for managing and executing an election, by having access to critical infrastructure and ballots.
A PROCESS MAP AND RISK ASSESSMENT FOR MAIL-BASED VOTING
Natalie M. Scala, Isabella Bloomquist, Yeabsira Mezgebe, Betelhem Jilcha, Paul L. Goethals, Josh Dehlinger
Proceedings of the 2021 IISE Annual Conference
This paper develops a process model for mail-based voting and also identifies and maps cyber, physical, and insider threats to the process. We apply a utility-based methodology for assessing threat to evaluate the process model scenarios and nodes. We illustrate the model using Maryland’s mail-based voting process as a case study and identify nodes or activities of concern due to higher relative risk. Results provide election officials insight on how voting system vulnerabilities develop and when and where to employ mitigating security measures. Mail Voting Process Node Descriptions
POLLWORKER SECURITY: ASSESSMENT AND DESIGN OF USABILITY AND PERFORMANCE
Josh Dehlinger, Saraubi Harrison, Natalie M. Scala
Proceedings of the 2021 IISE Annual Conference
This paper discusses improving the security of election infrastructure through intentional, targeted, cyber, physical, and insider threat training for poll workers. We detail the engineering design, pedagogy, and deployment of online, election-specific, threat training modules. Results of a System Usability Scale assessment indicate the content and online platform are easy to interact with and use. Further, the developed modules were piloted and then deployed in a mid-Atlantic state; participating counties include over 1,900 poll workers who serve nearly 750,000 voters.
Empowering election judges to secure our elections
Natalie M. Scala, Josh Dehlinger, Lorraine Black, Saraubi Harrison, Katerine Delgado Licona, Aikaterini Ieromonahos
Baltimore Business Review: A Maryland Journal, p. 8-12, 2020
This paper presents training modules for poll workers to identify and respond to potential cyber, physical, and insider threats that may emerge at polling places. We present the design of the modules and discuss the methods for deploying them as training. The modules are used by counties in Maryland during the 2020 Presidential Election cycle. PDF; Additional information: Questions used in pre-post-test
Protecting Maryland’s Voting processes
Megan Price, Natalie M. Scala, Paul L. Goethals
Baltimore Business Review: A Maryland Journal, p. 36-39, 2019
This paper outlines two research projects that specifically address the security of Maryland’s voting processes. The first is a preliminary risk model for cyber, physical, and insider threats to polling places. The model evaluates vulnerabilities in the voting process and recommends how the State of Maryland should focus resources to combat threat. The second project involves creating training modules for poll workers so that they can identify and respond to cyber, physical, and insider threats.
sources of risk in elections security
Hannah Locraft, Priya Gajendiran, Megan Price, Natalie M. Scala, Paul L. Goethals
Proceedings of the 2019 IISE Annual Conference
This research examines sources of risk in voting systems, identifies potential vulnerabilities in voting processes, and suggests a risk model framework to assess and mitigate vulnerabilities. We examine patterns and trends in a state’s elections security and the characteristics of its voting processes. We also present diagrams of sources of cyber, physical, and insider risk to voting processes and discuss an outline of a Markov model to assess evolving threat. Correlation Matrix Data
other applications
TRUSTED INSIDERS AND THE TEMPTATION TO TALK: PREVENTING UNAUTHORIZED DISCLOSURES
Sara Freedman, James Raymond, Taylor Seaman, Natalie M. Scala
Baltimore Business Review: A Maryland Journal, p. 14-18, 2023
External disclosures of an organization’s protected or proprietary information prior to authorization can cause incalculable damage. This research explores the causes and motivations behind individuals’ decisions to disclose, which include negative work environments, shortcomings in security training, poor security attitudes and approaches, and lack of reporting. We develop four categories of recommendations to mitigate and prevent such events: modifications to training, shifts in work environment, implementation of leadership training, and development of more accessible reporting mechanisms. Within each of these four categories, corresponding recommendations and implementation strategies are summarized.
Operations Research
Paul L. Goethals, Natalie M. Scala, and Nathaniel D. Bastian
Chapter 7 of Mathematics in Cyber Research, CRC Press, p. 233-266, 2022
This chapter provides an overview of applications of operations research and prescriptive analytics techniques the cyber realm. In particular, the chapter focuses on decision analysis, mathematical optimization, and stochastic process modeling. Case studies in elections security (utility theory), network interdiction (optimization), and malware spread (stochastic process modeling) are included to illustrate the covered topics.
A model for and inventory of cybersecurity values: Metrics and best practices
Natalie M. Scala and Paul L. Goethals
Chapter 14 of the Handbook of Military and Defense Operations Research, CRC Press, p. 305-330, 2020
We propose a cybersecurity value model for security metrics and best practices that is supported by industry-based data and interviews with subject matter experts. We illustrate the value model using the supply chain as a case study, but propose an overall framework that can be customized for any organization or industry. We also contribute an inventory of valued components of a secure cyber system, identified through a survey of cyber professionals. This survey also examined potential differences in values based on an organization’s history of attacks and/or breaches. Results will enable organizations to assess the performance of their respective cyber systems, manage risk, and continuously improve their cybersecurity posture.
Risk and the Five hard problems of cybersecurity
Natalie M. Scala, Allison C. Reilly, Paul L. Goethals, Michel Cukier
Risk Analysis: An International Journal, 39(10), p. 2119-2126, 2019
We consider the Five Hard Problems (5HP) as defined by Science of Security (SoS) initiative at the National Security Agency and encourage the application of risk analysis principles to cybersecurity research. The 5HP are (1) scalability and composability; (2) policy‐governed secure collaboration; (3) security‐metrics–driven evaluation, design, development, and deployment; (4) resilient architectures; and (5) understanding and accounting for human behavior. We show how risk analysis can be applied to each hard problem to enable growth and insight in both cybersecurity and risk research. AAM via Wiley Self-Archiving Policy
Values and Trends in Cybersecurity
Lorraine Black, Natalie M. Scala, Paul L. Goethals, James P. Howard, II
Proceedings of the 2018 Industrial and Systems Engineering Research Conference
We survey information technology professionals as well as small legal firms and solo practitioners to understand what they value in a secure cyber system. We identify differences in values between the two populations as well as how a previous attack or breach can affect value. Finally, we provide an inventory of values, as identified by the survey respondents, which can be inputs to a value model.
Best Practices in Cybersecurity: Processes and Metrics
Jasmin Farahani, Natalie M. Scala, Paul Goethals, Adam Tagert
Baltimore Business Review: A Maryland Journal, p. 28-32, 2016
This paper draws attention to the nature and severity of cyberattacks, especially breaches that have occurred in the State of Maryland. We identify a selection of metrics and best practices that can be implemented to increase cybersecurity posture as well as outline an agenda for research.
A Review of and Agenda for Cybersecurity Policy Models
Natalie M. Scala, Paul Goethals
Proceedings of the 2016 Industrial and Systems Engineering Research Conference
We review three cybersecurity policy models: the three tenets model, attack graph and attack surface models, and the cybersecurity heuristic model. We also outline a value based research model for cyber metrics.
Military and Defense Applications
Decision analysis has a rich history in military and defense related applications, and it is important to utilize perspectives from academia and outside of the traditional service branches when solving these really complex and important problems. My research uses value and decision modeling to quantify attributes and enable decision makers to select optimal and/or preferred alternatives.
Eliminating the Weakest Link Approach in Army Unit Readiness
Paul L. Goethals, Natalie M. Scala
Decision Analysis, 15(2), p. 110-130, 2018
We examine the United States Army’s readiness metrics, as outlined in AR-220-1, and propose an improvement in the composite metric, in order to evaluate units with greater precision, flexibility, and robustness. Our desirability function approach measures readiness based upon a set of priorities, adapting for type of mission and unit. Accurate assessments of readiness are crucial, as the level of Army readiness drives federal funding, defense policy, and deployment decisions. AAM via INFORMS Green Option
This research was selected as a co-winner of Innovative Decisions, Inc.’s 2019 Bucky Award for contributions to the analytic community.
A Value Model for Asset Tracking Technology to Support Naval Sea-Based Resupply
Natalie M. Scala, Jennifer Pazour
Engineering Management Journal, 28(2), p. 120-130, 2016
Naval seabasing is a dense storage environment and requires specialized logistics to fulfill emergent requests for tailored resupply packages while at sea. We develop a value model to identify the preferred technology to track inventory assets while stored in this dense environment. Evaluated technologies include radio frequency identification, barcoding, internal positioning systems (IPS), and camera-aided technology. We conclude that IPS is the preferred asset tracking technology in the seabasing environment. An adapted version of this paper is available within the following Defense Technical Information Center report: link to report. AAM via Copyright Policy
Multi-objective Decision Analysis for Workforce Planning: A Case Study
Natalie M. Scala, Richard Kutzner, Dennis Buede, Christopher Ciminera, Alicia Bridges
Proceedings of the 2012 Industrial and Systems Engineering Research Conference
We create a value model to evaluate the preferred ratio of civilian, contractor, and military personnel for an engineering related work role in the defense environment.
Spare Parts
My dissertation studied spare parts at nuclear power plants. Spares are particularly interesting in this environment, as many exhibit extremely intermittent demand while possibly having plant safety implications. The overall research enabled the case study company to save 18% of its total spares inventory volume.
Managing Nuclear Spare Parts Inventories: A Data Driven Methodology
Natalie M. Scala, Jayant Rajgopal, Kim LaScola Needy
IEEE Transactions on Engineering Management, 61(1), p. 28-37, 2014
This paper outlines and summarizes a four part methodology for managing nuclear spare parts: (1) influence diagram of relevant factors, (2) weighting influences via the Analytic Hierarchy Process, (3) assigning parts to groups using inventory criticality indices, and (4) base stock inventory policy for each group of parts. This is a data driven methodology that can be used to manage the entire nuclear spare parts process, or portions may be used to manage components of the overall process. AAM via IEEE Post-Publication Policy
Influence Diagram Modeling of Nuclear Spare Parts Process
Natalie M. Scala, Jayant Rajgopal, Kim LaScola Needy
Proceedings of the 2010 Industrial Engineering Research Conference
This paper details the first step in the nuclear spare parts methodology, and develops an influence diagram for the spare parts process. Thirty-four influences were identified and grouped into seven themes, driving best practices for process continuous improvement.
Using the Analytic Hierarchy Process in Group Decision Making for Nuclear Spare Parts
Natalie M. Scala, Kim LaScola Needy, Jayant Rajgopal
31st ASEM National Conference, 2010
This paper details the second step in the nuclear spare parts methodology and specifically presents the interview protocol used for subject matter expert (SME) elicitation. Examples of SME responses and data collection are also discussed.
An Inventory Criticality Classification Method for Nuclear Spare Parts: A Case Study
Natalie M. Scala, Jayant Rajgopal, Kim LaScola Needy
Chapter 15 of Decision Making in Service Industries: A Practical Approach, CRC Press, p. 365-392, 2012
This paper details the third step in the nuclear spare parts methodology and develops criticality indices for spare parts inventory. Parts are then assigned to groups based on a criticality score, which is derived from part performance against the weighted influences. Three overall groups of parts are defined.
A Base Stock Inventory Management System for Intermittent Spare Parts
Natalie M. Scala, Jayant Rajgopal, Kim LaScola Needy
Military Operations Research, 18(3), p. 63-77, 2013
This paper details the fourth step in the nuclear spare parts methodology and develops base stock inventory policies for each group of parts. We use a historical numerical simulation to identify inventory levels that minimize the overall spare parts investment while following a user-defined risk tolerance profile.
Risk and Spare Parts Inventory in Electric Utilities
Natalie M. Scala, Jayant Rajgopal, Kim LaScola Needy
Proceedings of the 2009 Industrial Engineering Research Conference
We discuss risk in the context of nuclear power generation and utilities. We also provide a research agenda for incorporating risk and costs into a quantitative decision analysis framework for controlling spare parts inventories.
Decision Making and Tradeoffs in the Management of Spare Parts Inventory at Utilities
Natalie M. Scala, Kim LaScola Needy, Jayant Rajgopal
30th ASEM National Conference, 2009
We discuss tradeoffs, in a deregulated generation environment, associated with holding large amounts of spare parts inventory versus the potential revenue losses if a nuclear generation plant were to go off-line. We also explore potential forecasting methods for nuclear spare parts and establish that many parts exhibit highly intermittent demand patterns.
Spare Parts Management for Nuclear Power Generation Facilities
Natalie M. Scala
My dissertation discusses the four part inventory management methodology for nuclear spare parts, and includes details beyond my journal and conference papers.
Other Areas
My research can be broadly classified as decision analysis, so many of these papers examine applications of decision models in various contexts. I’ve also done some work in post-secondary education, specifically examining how business and engineering students are motivated to learn analytics.
Group Decision Making with Dispersion in the Analytic Hierarchy Process
Natalie M. Scala, Jayant Rajgopal, Luis Vargas, Kim LaScola Needy
Group Decision and Negotiation, 25(2), p. 355-372, 2016
This is a theory paper that develops a method for aggregating a group of decision maker judgments in the Analytic Hierarchy Process (AHP). This method should be used when the decision makers are dispersed and unwilling or unable to revise their judgments. It can also be used to determine weights for homogeneous decision makers when using the weighted geometric mean for aggregation. AAM via Springer Policy
Motivation and Analytics: Comparing Business and Engineering Students
Natalie M. Scala, Stella Tomasi, Andrea Goncher, Karen Bursic
INFORMS Transactions on Education, 19(1), p. 1-11, 2018
This research examines differences between business and engineering students in motivation to learn analytics. We find that effective approaches for teaching analytics vary by major. Business students can be influenced towards a positive attitude and thus be motivated to perform better. Caring instructors who demonstrate the relevance of the material in the classroom can help to influence positive attitudes among business students. Visit my Media page for a profile of this article.
Scheduling and project Management
The Gold Standard: Developing a Maturity Model to Assess Collaborative Scheduling
Natalie M. Scala, Min Liu, Thais da Costa Lago Alves, Vincent Schiavone, Dominique Hawkins
Engineering, Construction and Architectural Management, 30(4), p. 1636-1656, 2023.
This research provides a usable maturity model for collaborative scheduling (CS), especially in the construction industry. Via subject matter expert elicitation and focus groups, the maturity model establishes five pillars of collaboration—scheduling significance, planners and schedulers, scheduling representation, goal alignment with owner, and communication. Statistical analysis shows that current industry projects are not consistent in collaboration practice implementation, and the maturity model identifies areas for collaboration improvement. The findings provide a benchmark for self-evaluation and peer-to-peer comparison for project managers. The model is also useful for project managers to develop effective strategies for improvement on targeted dimensions and metrics. AAM Final Draft via Emerald Open Research Policy
Comparative Analysis of Planning with the Critical Path Method, Last Planner System, and Location-Based Techniques in Brazil, Finland, and the United States
Natalie M. Scala, Vincent Schiavone, Hylton Olivieri, Olli Seppanen, Thais Alves, Min Liu, Ariovaldo Denis Granja
Engineering Management Journal, 35(3), p. 237-256, 2023.
We examine the Critical Path Method (CPM), Last Planner System (LPS) and Line of Balance (LB) for differences and similarities of these methods in terms of their use in different countries. The study compares three countries (Brazil, Finland, and United States) and the methods to evaluate both intra- and inter-country implementation to gain additional insights about their use. Results suggest statistically significant intra- and inter-country differences regarding how these methods are used, with a specific focus on mechanics in the countries. The results reflect the current state of practice; engineering and construction managers should understand different ways of understanding scheduling, especially when working with foreign teams. AM Final Draft via Taylor and Francis Publication Policy
Prioritizing Collaborative SCheduling Practices Based on Their impact on project Performance
Chuanni He, Min Liu, Thais da C. L. Alves, Natalie M. Scala, Simon M. Hsiang
Construction Management and Economics, 40(7-8), p. 618-637, 2022
The objectives of this research are to identify perceptions of collaborative scheduling (CS) practices that drive project performance, define CS practices used by industry that impact key performance indicators (KPIs), and establish practices that are more commonly implemented and have a higher potential to positively impact KPIs. Results show that meeting owners’ expectation throughout the life-cycle of the project from design through construction and commissioning, using the schedule to support a strong project culture, and an effective communication plan were the top CS practices for overall KPI improvement. Managers can then improve KPIs efficiently by prioritizing their CS practices according to their own project needs.
Breaking through to Collaborative Scheduling: Approaches and Obstacles
Research Team 362, PIs: Thais Alves, Min Liu, Natalie M. Scala
Construction Industry Institute; The University of Texas at Austin
This technical report developed for the research sponsor examines collaborative scheduling (CS) practices. After a high-level introduction to CS for organizations that are willing to adopt collaboration, the report offers a Maturity Model for Collaborative Scheduling (MMCS), which shows how projects can be improved by increasing collaboration across five pillars: scheduling significance, planners and schedulers, scheduling representation, goal alignment with owner, and communication. Finally, the report identifies collaboration improvement opportunities at the project level in terms of five key performance indicators (KPIs): cost, schedule, safety, quality, and teamwork. Link to CII Knowledge Base
Project Delivery Contract Language, Schedules, and Collaboration
Thais da C. L. Alves, Manuel Martinez, Min Liu, Natalie M. Scala
29th Annual Conference of the International Group for Lean Construction (IGLC)
The construction industry has a variety of project delivery methods, contractual arrangements, and scheduling methods used to facilitate collaboration of stakeholders to maximize project performance. We investigate how project delivery methods and contractual arrangements might influence collaboration during the scheduling practice to help managers choose and adapt project delivery methods to their needs. Because schedules are commonly used as contractual documents, collective knowledge needs to be applied to develop, review, and validate schedules for construction projects, regardless of the delivery method used.
Schedulers and Schedules: A Study in the U.S. Construction Industry
Thais da C. L. Alves, Min Liu, Natalie M. Scala, Ashtad Javanmardi
Engineering Management Journal, 32(3), p. 166-185, 2020
This research examines how the construction industry addresses the roles of schedulers and schedules, with the goal of improving current practices. We use influence diagrams and statistical analyses to discover seven themes in the data and also identify corresponding industry challenges related to each theme. Themes include the dynamic nature of schedules, changes in schedule level of detail throughout the life cycle, differences between planning and scheduling, and the evolving roles of schedulers. We propose recommendations to increase collaboration when developing schedules and to improve the roles of schedulers. AAM via Taylor and Francis Publication Policy
A Survey Comparing Critical Path Method, Last Planner System, and Location-Based Techniques
Hylton Olivieri, Olli Seppanen, Thais Alves, Natalie M. Scala, Vincent Schiavone, Min Liu, Ariovaldo Denis Granja
Journal of Construction Engineering and Management, 145(12), 2019
This article compares and contrasts the use of Critical Path Method (CPM), Last Planner System (LPS), and Location-Based Techniques (LB) in the planning and control phases of project management (PM), and project production management (PPM). We analyze a survey of construction professionals in Brazil, China, Finland, and the United States to clarify industry benefits of each method and eliminate potential misunderstandings regarding method use. We find benefits related to critical path analysis and managing contracts using CPM and improved production control with LB and LPS. We conclude that the construction industry can benefit from aligning project scheduling methods with project needs. Final Draft via ASCE Publication Policy
Other Areas
Examining Real Time Pricing in Electricity Usage
Natalie M. Scala, Samuel Henteleff, Christopher Rigatti
Proceedings of the 2010 Industrial Engineering Research Conference
Using a survey, we examine potential customer preferences to Real Time Pricing (RTP), or dynamic electricity prices based on time of day and weather. We consider potential residential customer willingness to shift usage to off-peak hours for 11 typical household appliances, identifying potential implications if RTP was broadly enacted in the United States.
This research was selected as “Best Paper in Engineering Economy” at the 2010 Industrial Engineering Research Conference.
Analyzing Supplier Quality Management Practices in the Construction Industry
Rufaidah AlMaian, Kim LaScola Needy, Kenneth D. Walsh, Thaís da CL Alves, Natalie M. Scala
Quality Engineering, 28(2), p. 175-183, 2016
This article uses principal component analysis (PCA) to analyze a number of supplier quality management (SQM) practices from construction organizations known for effective SQM. Practices are validated by a decision model built from subject matter expert elicitation. We show that supplier's work observation, supplier performance rating, inspection effort tracking, and inspection and testing plans are important practices. The analysis can be extended to a quantitative methodology that quality engineers can use to analyze small sample size data.
Decision Modeling and Applications to Major League Baseball Pitcher Substitution
Natalie M. Scala
29th ASEM National Conference, 2008
This research examines the influences that affect a manager’s decision to substitute a pitcher in Major League Baseball and presents a decision model to analytically determine the best choice of pitcher to face a given batting line-up. Historical box scores are used to both illustrate and validate the model.
An Analytic Network Process (ANP) Approach to the Project Portfolio Management for Organizational Sustainability
Fikret K. Turan, Natalie M. Scala, Mary Besterfield-Sacre, Kim LaScola Needy
Proceedings of the 2009 Industrial Engineering Research Conference
This paper presents preliminary research that uses ANP and the Triple Bottom Line to evaluate and prioritize projects based on their potential contribution to an organization’s sustainability initiative.
Organizational Sustainability: A New Project Portfolio Management Approach that Integrates Financial and Non-Financial Performance Measures
Fikret Turan, Natalie M. Scala, Akram Kamrani, Kim LaScola Needy
Proceedings of the 2008 Industrial Engineering Research Conference
This paper presents preliminary research of a decision model that integrates financial and non-financial performance measures in project portfolio management via the Triple Bottom Line. Projects are prioritized to align with the organization’s financial, environmental, and social strategy.