TU Darmstadt / ULB / TUbiblio

Taxonomy of Technological IT Outsourcing Risks: Support for Risk Identification and Quantification

Ackermann, Tobias ; Miede, André ; Buxmann, Peter ; Steinmetz, Ralf :
Taxonomy of Technological IT Outsourcing Risks: Support for Risk Identification and Quantification.
Proceedings of the 19th European Conference on Information Systems (ECIS)
[ Konferenzveröffentlichung] , (2011)

Kurzbeschreibung (Abstract)

The past decade has seen an increasing interest in IT outsourcing as it promises companies many economic benefits. In recent years, IT paradigms, such as Software-as-a-Service or Cloud Computing using third-party services, are increasingly adopted. Current studies show that IT security and data privacy are the dominant factors affecting the perceived risk of IT outsourcing. Therefore, we explicitly focus on determining the technological risks related to IT security and quality of service characteristics associated with IT outsourcing. We conducted an extensive literature review, and thoroughly document the process in order to reach high validity and reliability. 149 papers have been evaluated based on a review of the whole content and out of the finally relevant 68 papers, we extracted 757 risk items. Using a successive refinement approach, which involved reduction of similar items and iterative re-grouping, we establish a taxonomy with nine risk categories for the final 70 technological risk items. Moreover, we describe how the taxonomy can be used to support the first two phases of the IT risk management process: risk identification and quantification. Therefore, for each item, we give parameters relevant for using them in an existing mathematical risk quantification model.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2011
Autor(en): Ackermann, Tobias ; Miede, André ; Buxmann, Peter ; Steinmetz, Ralf
Titel: Taxonomy of Technological IT Outsourcing Risks: Support for Risk Identification and Quantification
Sprache: ["languages_typename_1" not defined]
Kurzbeschreibung (Abstract):

The past decade has seen an increasing interest in IT outsourcing as it promises companies many economic benefits. In recent years, IT paradigms, such as Software-as-a-Service or Cloud Computing using third-party services, are increasingly adopted. Current studies show that IT security and data privacy are the dominant factors affecting the perceived risk of IT outsourcing. Therefore, we explicitly focus on determining the technological risks related to IT security and quality of service characteristics associated with IT outsourcing. We conducted an extensive literature review, and thoroughly document the process in order to reach high validity and reliability. 149 papers have been evaluated based on a review of the whole content and out of the finally relevant 68 papers, we extracted 757 risk items. Using a successive refinement approach, which involved reduction of similar items and iterative re-grouping, we establish a taxonomy with nine risk categories for the final 70 technological risk items. Moreover, we describe how the taxonomy can be used to support the first two phases of the IT risk management process: risk identification and quantification. Therefore, for each item, we give parameters relevant for using them in an existing mathematical risk quantification model.

Buchtitel: Proceedings of the 19th European Conference on Information Systems (ECIS)
Freie Schlagworte: Secure Services;IT outsourcing, IT risk management, taxonomy, risks, IT security, quality of service, literature review
Fachbereich(e)/-gebiet(e): LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Veranstaltungsort: Helsinki, Finland
Hinterlegungsdatum: 30 Dez 2016 20:23
ID-Nummer: TUD-CS-2011-0119
Export:

Optionen (nur für Redakteure)

Eintrag anzeigen Eintrag anzeigen