TU Darmstadt / ULB / TUbiblio

Taxonomy of Technological IT Outsourcing Risks: Support for Risk Identification and Quantification

Ackermann, Tobias and Miede, André and Buxmann, Peter and Steinmetz, Ralf (2011):
Taxonomy of Technological IT Outsourcing Risks: Support for Risk Identification and Quantification.
In: Proceedings of the 19th European Conference on Information Systems (ECIS), Helsinki, Finland, [Conference or Workshop Item]

Abstract

The past decade has seen an increasing interest in IT outsourcing as it promises companies many economic benefits. In recent years, IT paradigms, such as Software-as-a-Service or Cloud Computing using third-party services, are increasingly adopted. Current studies show that IT security and data privacy are the dominant factors affecting the perceived risk of IT outsourcing. Therefore, we explicitly focus on determining the technological risks related to IT security and quality of service characteristics associated with IT outsourcing. We conducted an extensive literature review, and thoroughly document the process in order to reach high validity and reliability. 149 papers have been evaluated based on a review of the whole content and out of the finally relevant 68 papers, we extracted 757 risk items. Using a successive refinement approach, which involved reduction of similar items and iterative re-grouping, we establish a taxonomy with nine risk categories for the final 70 technological risk items. Moreover, we describe how the taxonomy can be used to support the first two phases of the IT risk management process: risk identification and quantification. Therefore, for each item, we give parameters relevant for using them in an existing mathematical risk quantification model.

Item Type: Conference or Workshop Item
Erschienen: 2011
Creators: Ackermann, Tobias and Miede, André and Buxmann, Peter and Steinmetz, Ralf
Title: Taxonomy of Technological IT Outsourcing Risks: Support for Risk Identification and Quantification
Language: ["languages_typename_1" not defined]
Abstract:

The past decade has seen an increasing interest in IT outsourcing as it promises companies many economic benefits. In recent years, IT paradigms, such as Software-as-a-Service or Cloud Computing using third-party services, are increasingly adopted. Current studies show that IT security and data privacy are the dominant factors affecting the perceived risk of IT outsourcing. Therefore, we explicitly focus on determining the technological risks related to IT security and quality of service characteristics associated with IT outsourcing. We conducted an extensive literature review, and thoroughly document the process in order to reach high validity and reliability. 149 papers have been evaluated based on a review of the whole content and out of the finally relevant 68 papers, we extracted 757 risk items. Using a successive refinement approach, which involved reduction of similar items and iterative re-grouping, we establish a taxonomy with nine risk categories for the final 70 technological risk items. Moreover, we describe how the taxonomy can be used to support the first two phases of the IT risk management process: risk identification and quantification. Therefore, for each item, we give parameters relevant for using them in an existing mathematical risk quantification model.

Title of Book: Proceedings of the 19th European Conference on Information Systems (ECIS)
Uncontrolled Keywords: Secure Services;IT outsourcing, IT risk management, taxonomy, risks, IT security, quality of service, literature review
Divisions: LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Event Location: Helsinki, Finland
Date Deposited: 30 Dec 2016 20:23
Identification Number: TUD-CS-2011-0119
Export:
Suche nach Titel in: TUfind oder in Google

Optionen (nur für Redakteure)

View Item View Item