Title :
Enterprise level IT risks: An assessment framework and tool
Author :
Azizi, Nadhirah ; Hashim, Khairuddin
Author_Institution :
Software Eng. Dept., Tenaga Nasional Univ., Malaysia
Abstract :
Increase in emphasis on risk management allows for better enterprise IT risk management. Early risk identification and assessment ensures effective risk management steps are formulated. The formulation and sustenance of an IT risk management framework is one of the critical and challenging tasks of modern corporate enterprise risk management. The existence of a risk assessment tool allows for effective risk measurement. This paper presents an enterprise level IT risk assessment framework and a tool that is based on the framework which organizes IT risks into five categories: infrastructure development and support, operations and maintenance of business process, office level support, software development and outsourcing management. The approach helps assess and identify IT risks at the enterprise level.
Keywords :
business process re-engineering; risk management; software development management; assessment tool; corporate enterprise risk management; enterprise IT risk management; enterprise level IT risk assessment framework; enterprise level IT risks; risk identification; Hardware; Humans; Knowledge engineering; Libraries; Security; Servers; Software; assessment; enterprise level; framework; information technology; risk;
Conference_Titel :
Computer Science and Information Technology (ICCSIT), 2010 3rd IEEE International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4244-5537-9
DOI :
10.1109/ICCSIT.2010.5563565
