An integrated IT risk model

Ernest Jordan

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contribution

2 Citations (Scopus)

Abstract

The worldwide concern with corporate governance concerns itself, inter alia, with the risks that an organisation faces; for many, IT is significant among those risks. This paper examines the audit approach, and others, to dealing with risks in IT-based systems. This paper summarises the findings of research in IT-related areas of risk and then draws together a character for IT governance that meets the wider needy of corporate governance. IT risks are collated in the form of a portfolio so that risk is dealt with in a positive, systematic manner. The portfolio sets out to be exhaustive so that all risk can be brought together under a single managerial role. fits that are The IT governance model balances risks with strategic goals and the specific bene intended through the implementation of IT A case study illustrates the application of the model.

Original languageEnglish
Title of host publicationPacific Asia conference on information systems 2005, sections 1-8 and poster sessions 1-6
EditorsP. Chau
Place of PublicationKaohsiung, Taiwan
PublisherNATL SUN YAT-SEN UNIV
Pages632-644
Number of pages13
Publication statusPublished - 2005
Event9th Pacific Asia Conference on Information Systems (PACIS 2005) - Bangkok, Thailand
Duration: 1 Jul 2005 → …

Conference

Conference9th Pacific Asia Conference on Information Systems (PACIS 2005)
CountryThailand
CityBangkok
Period1/07/05 → …

Keywords

  • IT governance
  • IT risk portfolio
  • information assets

Cite this

Jordan, E. (2005). An integrated IT risk model. In P. Chau (Ed.), Pacific Asia conference on information systems 2005, sections 1-8 and poster sessions 1-6 (pp. 632-644). Kaohsiung, Taiwan: NATL SUN YAT-SEN UNIV.