An integrated IT risk model

Ernest Jordan

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

2 Citations (Scopus)


The worldwide concern with corporate governance concerns itself, inter alia, with the risks that an organisation faces; for many, IT is significant among those risks. This paper examines the audit approach, and others, to dealing with risks in IT-based systems. This paper summarises the findings of research in IT-related areas of risk and then draws together a character for IT governance that meets the wider needy of corporate governance. IT risks are collated in the form of a portfolio so that risk is dealt with in a positive, systematic manner. The portfolio sets out to be exhaustive so that all risk can be brought together under a single managerial role. fits that are The IT governance model balances risks with strategic goals and the specific bene intended through the implementation of IT A case study illustrates the application of the model.

Original languageEnglish
Title of host publicationPacific Asia conference on information systems 2005, sections 1-8 and poster sessions 1-6
EditorsP. Chau
Place of PublicationKaohsiung, Taiwan
Number of pages13
Publication statusPublished - 2005
Event9th Pacific Asia Conference on Information Systems (PACIS 2005) - Bangkok, Thailand
Duration: 1 Jul 2005 → …


Conference9th Pacific Asia Conference on Information Systems (PACIS 2005)
Period1/07/05 → …


  • IT governance
  • IT risk portfolio
  • information assets


Dive into the research topics of 'An integrated IT risk model'. Together they form a unique fingerprint.

Cite this