A business approach to effective information technology risk analysis and management

Welcome:
Guest

Information Management & Computer Security

ISSN: 0968-5227

Online from: 1993

Subject Area: Information and Knowledge Management

Content: Latest Issue | Latest Issue RSS | Previous Issues

Options: To add Favourites and Table of Contents Alerts please take a Emerald profile

Document Information:
Title:	A business approach to effective information technology risk analysis and management
Author(s):	Sharon Halliday, (UNISYS, Port Elizabeth, South Africa), Karin Badenhorst, (Integrated Risk Consultants (IRC), Johannesburg, South Africa), Rossouw von Solms, (Department of Information Technology, Port Elizabeth, Technikon, South Africa)
Citation:	Sharon Halliday, Karin Badenhorst, Rossouw von Solms, (1996) "A business approach to effective information technology risk analysis and management", Information Management & Computer Security, Vol. 4 Iss: 1, pp.19 - 31
Keywords:	Business analysis, Corporate planning, Information technology, Risk management
Article type:	Conceptual Paper
DOI:	10.1108/09685229610114178 (Permanent URL)
Publisher:	MCB UP Ltd
Abstract:	Suggests that a number of difficulties are experienced by organizations using conventional risk analysis and management. “Conventional” refers to those methodologies which are based on the traditional asset/threat/vulnerability model. Identifies a need for an approach that is more suitable for smaller organizations, as well as organizations requiring a quicker, more simplified and less resource-intensive approach. In light of this requirement, proposes an alternative approach to effective information technology (IT) risk analysis and management. This approach has a business-oriented focus from an IT perspective.