Decision Analysis Working Paper Abstract
Archive
WP030016
|
Title: Including Technical and Security Risks in the Development
of Information Systems: A Programmatic Risk Management Model
Authors: Robin
Dillon-Merrill Georgetown Universtiy
Date: January 2003
Status: Working Paper
Security is increasingly becoming a critical focus in information systems
projects. With more networks, mobility, and telecommuting, there
is an increased need for an assessment of the technical and security risks.
These risks if realized can have devastating impacts: interruptions of
service, data theft or corruption, embezzlement and fraud, and compromised
customer privacy. The software risk assessment literature (for example,
Schmidt et al., 2001, Barki et al., 2001, and Lyytinen et al., 1998) has
focused primarily on managerial or development risks. With the increasing
focus on technical and security risks, theoretical risk models need to
be developed that can provide a framework for assessing and managing the
critical technical and security risk factors in conjunction with the managerial
and development risks. This research seeks to model this problem
by extending risk models originally developed for large-scale engineering
systems.
Click here to access a pdf version of the
paper.
Back to the Decision Analysis Working Paper
Index
