An Integrated it Risk Model

13 Pages Posted: 25 Aug 2005

See all articles by Ernest Jordan

Ernest Jordan

Macquarie Graduate School of Management

Date Written: July 8, 2005

Abstract

The worldwide concern with corporate governance concerns itself, inter alia, with the risks that an organization faces; for many, IT is significant among those risks. This paper examines the audit approach, and others, to dealing with risks in IT-based systems. This paper summarizes the findings of research in IT-related areas of risk and then draws together a charter for IT governance that meets the wider needs of corporate governance. IT risks are collated in the form of a portfolio so that risk is dealt with in a positive, systematic manner. The portfolio sets out to be exhaustive so that all risk can be brought together under a single managerial role. The IT governance model balances risks with strategic goals and the specific benefits that are intended through the implementation of IT. A case study illustrates the application of the model.

Keywords: IT risk, IT governance, risk portfolio

JEL Classification: M10

Suggested Citation

Jordan, Ernest, An Integrated it Risk Model (July 8, 2005). Available at SSRN: https://ssrn.com/abstract=787326 or http://dx.doi.org/10.2139/ssrn.787326

Ernest Jordan (Contact Author)

Macquarie Graduate School of Management ( email )

99 Talavera Road
Sydney, NSW 2113
Australia

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
468
Abstract Views
2,171
Rank
123,375
PlumX Metrics