{"title":"Corporate IT Risk Management model: A holistic view at managing information system security risks","authors":"M. Spremić","doi":"10.2498/iti.2012.0461","DOIUrl":null,"url":null,"abstract":"Most organizations in all sectors of industry, commerce and government are fundamentally dependent on their information systems (IS) and would quickly cease to function should the technology (preferably information technology - IT) that underpins their activities ever come to halt [15]. IS and IT may contribute towards efficiency, productivity and competitiveness improvements of both inter-organizational and intra-organizational systems [1]. Successful organizations manage IT function in much the same way that they manage their other strategic functions and processes. This in particular means that they understand and manage risks associated with growing IT opportunities as well as critical dependence of many business processes on IT and vice-versa. IT risk management issues are not only any more marginal or `technical' problems and become more and more a `business problem'. Therefore, in this paper a Corporate IT Risk Management model is proposed and contemporary frameworks of IT Governance and IS Audit is shown and explained.","PeriodicalId":135105,"journal":{"name":"Proceedings of the ITI 2012 34th International Conference on Information Technology Interfaces","volume":"78 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the ITI 2012 34th International Conference on Information Technology Interfaces","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2498/iti.2012.0461","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 8
Abstract
Most organizations in all sectors of industry, commerce and government are fundamentally dependent on their information systems (IS) and would quickly cease to function should the technology (preferably information technology - IT) that underpins their activities ever come to halt [15]. IS and IT may contribute towards efficiency, productivity and competitiveness improvements of both inter-organizational and intra-organizational systems [1]. Successful organizations manage IT function in much the same way that they manage their other strategic functions and processes. This in particular means that they understand and manage risks associated with growing IT opportunities as well as critical dependence of many business processes on IT and vice-versa. IT risk management issues are not only any more marginal or `technical' problems and become more and more a `business problem'. Therefore, in this paper a Corporate IT Risk Management model is proposed and contemporary frameworks of IT Governance and IS Audit is shown and explained.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
