UPM Institutional Repository

A risk mitigation model of information technology governance in selected Malaysian Universities


Citation

Bokolo, Anthony Junior (2015) A risk mitigation model of information technology governance in selected Malaysian Universities. Masters thesis, Universiti Putra Malaysia.

Abstract

Information Technology (IT) Governance faces various risks such as strategic,operational and technical risks. These risks should be identified, measured and mitigated. After risks are identified, appropriate actions should be devoted to mitigate these risks. However, risk mitigation is a complicated process especially in IT Governance. It leads to difficulty in choosing and executing mitigation actions. The mitigation of risks aids practitioners to identify the cause and effect among the components of risks mitigation and it provides a suitable metric to measure these risks. In mitigating risk, accurate decision making is based on the identified and measured risks. Risk mitigation in IT Governance provides a multidisciplinary environment for proactive decision making to measure and treat potential risk continuously. However, the existing standards for risk mitigation show limitations when mitigating operational and technical risks. Besides, the existing model provides inadequate support to practitioners in making risk decision pertaining to risk mitigation especially in IT governance. This is due to the fact that existing models lacks the capabilities to support practitioners in making decision relating to risk mitigation. The mitigation risks were identified by previous researchers, academicians and practitioners use various techniques such as prioritizing, evaluating and ranking the risks. This research develops a risk mitigation model for risk mitigation of IT Governance. In order to develop the model, this research identifies the processes and operational and technical risk components in mitigating risk of IT Governance. The risk mitigation system (RMS) is developed based on proposed model using software agents and knowledge mapping. The research scope is mainly on several Malaysian universities that specifically mainly decision in risk mitigation process. Qualitative research using Case study was adopted using only interview mainly in this research. Pilot study was carried out in 2 Malaysian universities with 5 expert informants to verify the instrument and the data of risk mitigation based on IT Governance. The case study was carried out in 2 Malaysian Universities which involved 7 expert informants to verify the risk mitigation process and components derived from the literature review. The risk decisions process was verified by adopting Iterative triangulation. The risk mitigation model can assists in measuring the probabilities and impact of risks, provides risk reduction advice using risk data, provide suggestions for monitoring activities, supporting collaborative decision-making process among risk mitigation practitioners in their organisation.


Download File

[img]
Preview
PDF
FSKTM 2015 2RR.pdf

Download (1MB) | Preview

Additional Metadata

Item Type: Thesis (Masters)
Subject: Information technology
Subject: Strategic planning
Subject: Universities and colleges - Education - Higher
Call Number: FSKTM 2015 2
Chairman Supervisor: Noraini Bt Che Pa, PhD
Divisions: Faculty of Computer Science and Information Technology
Depositing User: Haridan Mohd Jais
Date Deposited: 23 Aug 2017 02:28
Last Modified: 23 Aug 2017 02:28
URI: http://psasir.upm.edu.my/id/eprint/57089
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item