TU Darmstadt / ULB / TUbiblio

Taxonomy of Technological IT Outsourcing Risks: Support for Risk Identification and Quantification

Ackermann, Tobias ; Miede, André ; Buxmann, Peter ; Steinmetz, Ralf (2011)
Taxonomy of Technological IT Outsourcing Risks: Support for Risk Identification and Quantification.
Helsinki, Finland
Conference or Workshop Item, Bibliographie

Abstract

The past decade has seen an increasing interest in IT outsourcing as it promises companies many economic benefits. In recent years, IT paradigms, such as Software-as-a-Service or Cloud Computing using third-party services, are increasingly adopted. Current studies show that IT security and data privacy are the dominant factors affecting the perceived risk of IT outsourcing. Therefore, we explicitly focus on determining the technological risks related to IT security and quality of service characteristics associated with IT outsourcing. We conducted an extensive literature review, and thoroughly document the process in order to reach high validity and reliability. 149 papers have been evaluated based on a review of the whole content and out of the finally relevant 68 papers, we extracted 757 risk items. Using a successive refinement approach, which involved reduction of similar items and iterative re-grouping, we establish a taxonomy with nine risk categories for the final 70 technological risk items. Moreover, we describe how the taxonomy can be used to support the first two phases of the IT risk management process: risk identification and quantification. Therefore, for each item, we give parameters relevant for using them in an existing mathematical risk quantification model.

Item Type: Conference or Workshop Item
Erschienen: 2011
Creators: Ackermann, Tobias ; Miede, André ; Buxmann, Peter ; Steinmetz, Ralf
Type of entry: Bibliographie
Title: Taxonomy of Technological IT Outsourcing Risks: Support for Risk Identification and Quantification
Language: English
Date: June 2011
Book Title: Proceedings of the 19th European Conference on Information Systems (ECIS)
Event Location: Helsinki, Finland
Abstract:

The past decade has seen an increasing interest in IT outsourcing as it promises companies many economic benefits. In recent years, IT paradigms, such as Software-as-a-Service or Cloud Computing using third-party services, are increasingly adopted. Current studies show that IT security and data privacy are the dominant factors affecting the perceived risk of IT outsourcing. Therefore, we explicitly focus on determining the technological risks related to IT security and quality of service characteristics associated with IT outsourcing. We conducted an extensive literature review, and thoroughly document the process in order to reach high validity and reliability. 149 papers have been evaluated based on a review of the whole content and out of the finally relevant 68 papers, we extracted 757 risk items. Using a successive refinement approach, which involved reduction of similar items and iterative re-grouping, we establish a taxonomy with nine risk categories for the final 70 technological risk items. Moreover, we describe how the taxonomy can be used to support the first two phases of the IT risk management process: risk identification and quantification. Therefore, for each item, we give parameters relevant for using them in an existing mathematical risk quantification model.

Uncontrolled Keywords: Secure Services;IT outsourcing, IT risk management, taxonomy, risks, IT security, quality of service, literature review
Identification Number: TUD-CS-2011-0119
Divisions: LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Date Deposited: 30 Dec 2016 20:23
Last Modified: 03 Jun 2018 21:30
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)
Show editorial Details Show editorial Details