Abstract
The worldwide concern with corporate governance concerns itself, inter alia, with the risks that an organisation faces; for many, IT is significant among those risks. This paper examines the audit approach, and others, to dealing with risks in IT-based systems. This paper summarises the findings of research in IT-related areas of risk and then draws together a character for IT governance that meets the wider needy of corporate governance. IT risks are collated in the form of a portfolio so that risk is dealt with in a positive, systematic manner. The portfolio sets out to be exhaustive so that all risk can be brought together under a single managerial role. fits that are The IT governance model balances risks with strategic goals and the specific bene intended through the implementation of IT A case study illustrates the application of the model.
| Original language | English |
|---|---|
| Title of host publication | Pacific Asia conference on information systems 2005, sections 1-8 and poster sessions 1-6 |
| Editors | P. Chau |
| Place of Publication | Kaohsiung, Taiwan |
| Publisher | NATL SUN YAT-SEN UNIV |
| Pages | 632-644 |
| Number of pages | 13 |
| Publication status | Published - 2005 |
| Event | 9th Pacific Asia Conference on Information Systems (PACIS 2005) - Bangkok, Thailand Duration: 1 Jul 2005 → … |
Conference
| Conference | 9th Pacific Asia Conference on Information Systems (PACIS 2005) |
|---|---|
| Country/Territory | Thailand |
| City | Bangkok |
| Period | 1/07/05 → … |
Keywords
- IT governance
- IT risk portfolio
- information assets