Risk analysis for Information Technology

Risk analysis for Information Technology

0.00 Avg rating0 Votes
Article ID: iaor19941440
Country: United States
Volume: 8
Issue: 1
Start Page Number: 129
End Page Number: 147
Publication Date: Jun 1991
Journal: Journal of Management Information Systems
Authors: , ,
Keywords: control
Abstract:

As Information Technology (IT) has become increasingly important to the competitive position of firms, managers have grown more sensitive to their organization’s overall IT risk management. Recent publicity concerning losses incurred by companies because of problems with their sophisticated information systems has focused attention on the importance of these systems to the organization. In an attempt to minimize or avoid such losses, managers are employing various qualitative and quantitative risk analysis methodologies. The risk analysis literature, however, suggests that these managers typically utilize a single methodology, not a combination of methodologies. This paper proposes a risk analysis process that employs a combination of qualitative and quantitative methodologies. This process should provide managers with a better approximation of their organization’s overall information technology risk posture. Practicing managers can also use this proposed process as a guideline in formulating new risk analysis procedures and/or evaluating their current risk analysis procedures.

Reviews

Required fields are marked *. Your email address will not be published.