Information technology risk management: the case of the International Islamic University Malaysia
Managing risks are crucial in all fields. Information technology risks pose more threats to organisations in three categories: 1) technical and operational risk; 2) data and information security risk; and 3) organisation, project and human risk. Therefore, modern organisations have to face the chal...
Saved in:
Main Authors: | , |
---|---|
Format: | Article |
Language: | English |
Published: |
UTMSPACE
2012
|
Subjects: | |
Online Access: | http://irep.iium.edu.my/32107/1/H_ITRiskManagement_CReadydoc.pdf http://irep.iium.edu.my/32107/ http://seminar.spaceutm.edu.my/jisri/Volume1.html |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my.iium.irep.32107 |
---|---|
record_format |
dspace |
spelling |
my.iium.irep.321072013-10-02T03:32:22Z http://irep.iium.edu.my/32107/ Information technology risk management: the case of the International Islamic University Malaysia Ahlan, Abdul Rahman Arshad, Yusri T Technology (General) T58.6 Management information systems Managing risks are crucial in all fields. Information technology risks pose more threats to organisations in three categories: 1) technical and operational risk; 2) data and information security risk; and 3) organisation, project and human risk. Therefore, modern organisations have to face the challenging new and increasing threats from IT risks in more sophisticated manners. This task is difficult if it is not properly given due care by top management and implemented diligently with duty of care by the responsible teams. The main objective of the paper is to develop an information technology risk management framework for International Islamic University Malaysia (IIUM) based upon series of consultant group discussions, risk management formulation, business process identification, quantification of risk weightage and classification of core risk factors in a university environment. The proposed risk management method has been applied to IIUM case. This study uses an action research approach with the active involvement of the researchers and stakeholders in order to identify, analyse and respond to risks. The analysis draws upon both empirical research and a real case study. The study finds that top management acknowledges the important pervasive role of information technology in organisations and that consequential threats originating and created from the use of IT hardware and software can be detrimental to organisational effectiveness and efficiency. The dangers could cause financial, privacy, security and data losses. As a result, IIUM engaged its ICT strategic business unit to draw and design a new IT risk management framework based on the current problems and settings. The framework, however, can be applied to other Malaysia public and private universities. Moreover, it is also suitable for replication in non-academic institutions with a few minor adjustments. UTMSPACE 2012-08 Article REM application/pdf en http://irep.iium.edu.my/32107/1/H_ITRiskManagement_CReadydoc.pdf Ahlan, Abdul Rahman and Arshad, Yusri (2012) Information technology risk management: the case of the International Islamic University Malaysia. Journal of Information Systems Research and Innovation, 1. pp. 58-67. ISSN 2289-1358 http://seminar.spaceutm.edu.my/jisri/Volume1.html |
institution |
Universiti Islam Antarabangsa Malaysia |
building |
IIUM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
International Islamic University Malaysia |
content_source |
IIUM Repository (IREP) |
url_provider |
http://irep.iium.edu.my/ |
language |
English |
topic |
T Technology (General) T58.6 Management information systems |
spellingShingle |
T Technology (General) T58.6 Management information systems Ahlan, Abdul Rahman Arshad, Yusri Information technology risk management: the case of the International Islamic University Malaysia |
description |
Managing risks are crucial in all fields. Information technology risks pose more threats to organisations in three
categories: 1) technical and operational risk; 2) data and information security risk; and 3) organisation, project and human risk. Therefore, modern organisations have to face the challenging new and increasing threats from IT risks in more
sophisticated manners. This task is difficult if it is not properly given due care by top management and implemented
diligently with duty of care by the responsible teams. The main objective of the paper is to develop an information
technology risk management framework for International Islamic University Malaysia (IIUM) based upon series of
consultant group discussions, risk management formulation, business process identification, quantification of risk
weightage and classification of core risk factors in a university environment. The proposed risk management method has
been applied to IIUM case. This study uses an action research approach with the active involvement of the researchers and
stakeholders in order to identify, analyse and respond to risks. The analysis draws upon both empirical research and a real
case study. The study finds that top management acknowledges the important pervasive role of information technology in
organisations and that consequential threats originating and created from the use of IT hardware and software can be
detrimental to organisational effectiveness and efficiency. The dangers could cause financial, privacy, security and data losses. As a result, IIUM engaged its ICT strategic business unit to draw and design a new IT risk management framework based on the current problems and settings. The framework, however, can be applied to other Malaysia public and private universities. Moreover, it is also suitable for replication in non-academic institutions with a few minor adjustments. |
format |
Article |
author |
Ahlan, Abdul Rahman Arshad, Yusri |
author_facet |
Ahlan, Abdul Rahman Arshad, Yusri |
author_sort |
Ahlan, Abdul Rahman |
title |
Information technology risk management: the case of the
International Islamic University Malaysia |
title_short |
Information technology risk management: the case of the
International Islamic University Malaysia |
title_full |
Information technology risk management: the case of the
International Islamic University Malaysia |
title_fullStr |
Information technology risk management: the case of the
International Islamic University Malaysia |
title_full_unstemmed |
Information technology risk management: the case of the
International Islamic University Malaysia |
title_sort |
information technology risk management: the case of the
international islamic university malaysia |
publisher |
UTMSPACE |
publishDate |
2012 |
url |
http://irep.iium.edu.my/32107/1/H_ITRiskManagement_CReadydoc.pdf http://irep.iium.edu.my/32107/ http://seminar.spaceutm.edu.my/jisri/Volume1.html |
_version_ |
1643610147451305984 |
score |
13.188404 |