- Title
- Epirismm: an enterprise information risk management model
- Creator
- Lategan, Neil
- Subject
- Risk management
- Subject
- Small business
- Subject
- Information technology -- Security measures
- Date Issued
- 2006
- Date
- 2006
- Type
- Thesis
- Type
- Masters
- Type
- MTech
- Identifier
- vital:9734
- Identifier
- http://hdl.handle.net/10948/541
- Identifier
- Risk management
- Identifier
- Small business
- Identifier
- Information technology -- Security measures
- Description
- Today, information is considered a commodity and no enterprise can operate without it. Indeed, the information and the supporting technology are pivotal in all enterprises. However, a major problem being experienced in the business environment is that enterprise risk cannot be managed effectively because business and information-related risk are not congruently aligned with risk management terminology and practices. The business environment and information technology are bound together by information. For this reason, it is imperative that risk management is synergised in the business, ICT (Information and Communication Technology) and information environments. A thorough, all inclusive, risk analysis exercise needs to be conducted in business and supporting environments in order to develop an effective internal control system. Such an internal control system should reduce the exposure of risk and aid the safeguarding of assets. Indeed, in today’s so-called information age, where business processes integrate the business and ICT environments, it is imperative that a unary internal control system be established, based on a holistic risk management exercise. To ensure that the enterprise, information and ICT environments operate free of the risks that threaten them, the risks should be properly governed. A model, EPiRISMM (Enterprise Information Risk Management Model) is proposed that offers to combine risk management practices from an ICT, information, governance, and enterprise perspective because there are so many overlapping aspects inherent in them. EPiRISMM combines various well-known standards and frameworks into one coherent model. By employing EPiRISMM, an enterprise will be able to eliminate the traditional segmented approach of the ICT department and thus eliminate any previous discontinuity in risk management practices.
- Format
- xii, 179 leaves
- Format
- Publisher
- Nelson Mandela Metropolitan University
- Publisher
- Faculty of Engineering, the Built Environment and Information Technology
- Language
- English
- Rights
- Nelson Mandela Metropolitan University
- Hits: 1522
- Visitors: 1730
- Downloads: 269
Thumbnail | File | Description | Size | Format | |||
---|---|---|---|---|---|---|---|
View Details Download | SOURCEPDF | 1 MB | Adobe Acrobat PDF | View Details Download |