1. How to submit my research paper? What’s the process of publication of my paper?
The journal receives submitted manuscripts via email only. Please submit your research paper in .doc or .pdf format to the submission email: jiii@ejournal.net.
2. Can I submit an abstract?
The journal publishes full research papers...[Read More]

ICT Outsourcing Information Security Risk Factors: An Exploratory Analysis of Threat Risks Factor for Critical Project Characteristics

Nik Zulkarnaen Khidzir1, Azlinah Mohamed2, and Noor Habibah Arshad2
1.Infrastructure University Kuala Lumpur, Faculty of Information and Computing Technology, Kuala Lumpur, Malaysia
2.Universiti Teknologi MARA, Faculty of Computer and Mathematical Sciences, Shah Alam, Malaysia
Abstract—ICT outsourcing is one of the successful strategies implemented to reduce organization’s ICT operational cost and to give more priority to their core business rather to ICT operational activities. However, it causes significant risks to the success of the outsourcing ventures especially Information Security Risk (ISR). Therefore, analysis of ISR factors level for ICT Outsourcing project is required to prepare appropriate plan in order to minimize the impact of the risk to organization. The objective of this study is to assess the information security Threat Risks Factor (TRF) severity level for ICT Outsourcing project characteristics through exploratory analysis approach. Questionnaires were distributed to 300 private companies from various industry and government agencies in Malaysia involved in ICT Outsourcing projects. The project characteristics such Projects Type; Number of Service Provider; Outsourcing Strategy, Outsourced Project Percentage; Project Duration; Project Cost; and Project Team Size were analyzed. Thus, TRF severity levels were discovered for ICT outsourcing project characteristics commonly implemented in Malaysia. Results of the analysis reveal the evidence of highly risk ICT outsourcing project characteristics exploited through TRF. Hence, the organization could be able to avoid these ICT outsourcing project profile characteristics in order to minimize the risk and its related impacts. Finally, organizations can re-evaluate potential risks and improve their practices managing information security risk and urgently address information security risks to gain optimum benefits from their ICT outsourcing ventures.

Index Terms—ICT Outsourcing, Information Security, Threats Risk Factor, Project Characteristics, Exploratory Analysis

Cite: Nik Zulkarnaen Khidzir, Azlinah Mohamed, and Noor Habibah Arshad, "ICT Outsourcing Information Security Risk Factors: An Exploratory Analysis of Threat Risks Factor for Critical Project Characteristics," Journal of Industrial and Intelligent Information, Vol. 1, No. 4, pp. 218-222, December 2013. doi: 10.12720/jiii.1.4.218-222
Copyright © 2012-2022 Journal of Industrial and Intelligent Information, All Rights Reserved