• The Journal of Asian Finance, Economics and Business
• /
• v.8 no.1
• /
• pp.343-352
• /
• 2021

This study aims to identify the impact of the audit approach based on business risks (i.e., external environment risk, operations risk, information risk) in reducing unsystematic risks (i.e., operational risk, credit risk, liquidity risk, capital risk, and administrative risk) in Jordanian banks. To reduce the effect of unsystematic risks and, thus, improve banking performance, an audit approach based on business risks has emerged. To achieve the objectives, this study relied on descriptive statistics and the regression approach to study twenty-five Jordanian banks. The researcher used the intentional sampling method represented by employees of the accounting, financial and control departments in Jordanian banks. Seventeen banks contributed to the study, with a percentage of 68%, totaling 356 employees. A questionnaire was designed to obtain the data, and due to homogeneity among the sampling members, a purposive sample was drawn and 300 questionnaires were distributed. The results of the study found a statistically significant effect of the audit approach based on business risks with its combined dimensions on reducing unsystematic risks in Jordanian banks. The results of the study also found a statistically significant effect of the business risk-based audit approach with its combined dimensions on reducing operational risks in Jordanian banks.

• Journal of Agricultural Extension & Community Development
• /
• v.18 no.3
• /
• pp.631-664
• /
• 2011

As agricultural companies encounter number of risks in their business, it is very important to control the risks for their stable management. So we examine the agricultural business risks and propose the risk management strategies for the agricultural companies. For these purpose, we analyze the agricultural business risks with which agricultural companies are confronted, and propose the agricultural companies' the risk management strategies. The results of this study are as follows : First, Changing the risk environment of agricultural business, we have to realize the importance of the agricultural risks and risk management in it. Second, When we choose the risk management strategies which are risk retention, risk avoidance, risk control, risk transfer and insurance, etc., we should always consider the frequency of loss and the severity of loss. Third, If we don't control the agricultural risks, we will be in a position to very difficult situation. So, Agricultural companies should lead to stronger effort to manage the risks for their stable business.

• The Journal of Asian Finance, Economics and Business
• /
• v.8 no.5
• /
• pp.851-861
• /
• 2021

This study aims to explore the specific risks in family small-medium enterprises (SMEs) and explain how they manage these risks to sustain and expand. In Indonesia, family business composes around 95 percent of all businesses and contributes about 80 percent to the country's economy. SMEs contribute approximately 57.8 percent to the nation's gross domestic product. Risk management poses challenges to the family business's survival, as family members do not take actions on risk. The assessment of risk is difficult and family businesses lack the ability to determine risk management priorities, including risk management review processes to evaluate risk, thus leading to family business failures. Applying the case study approach, in-depth semi-structured interviews were conducted in seven family SMEs comprising fifteen informants. Additionally, a focus group discussion consisting of three experts is conducted to reaffirm the findings from the interviews, observations, and field notes. The research identified the specific risks and how the family owners strategize to safeguard against these risks such as cash flow deficiency, operations dysfunction, cultural frailty, disharmony, transgenerational entrepreneurship failure, political uncertainty, and unprofessionalism. Comprehending these risks and their strategic decisions elucidated in this research could enable the family owners and key non-family professionals to work hand-in-hand to thrive over the family business risks together. Further avenues of research regarding family business risk management are also suggested in this study.

• Asia pacific journal of information systems
• /
• v.23 no.2
• /
• pp.41-66
• /
• 2013

IS outsourcing has an important meaning to the Korean SME's (Small and Medium Enterprises) which want to use the IS Services. The objective of this research is to manage IT risks occurred during IS outsourcing project process. This study tries to identify these risks using real option methodology. In order to perform this objective, this study set up the research model which is composed of two main concepts. The first one is the risk factors occurred during IS outsourcing project process: User's Risks, Supplier's Risks and Transaction's Risks. All of these risks are based on Transaction Cost Theory. The second one is the intention to get (or buy) Real Options to manage the risks. In the research model, two types of real option are included: option to abandon (put option) and option to defer (call option). This study uses questionnaires and statistics methodology (PLS) to analyze the hypotheses proposed in the research model. Compared with prior studies, this study is different in two ways. First, this study restricts the range of IT risks. Prior researches of IT Risk management in MIS area cover various range of IT risks, but this study focuses on the Korean SME's IT outsourcing risks on the basis of Transaction Cost Theory. This study tests the relationship between the risks and real option types. Second, this study tries to test the moderating effect of user's risks and supplier's risks on the relationship between transaction's risks and real option types. In IT outsourcing research area, almost studies focus on the direct relationships between IT risks and outsourcing success. But in reality, the co-relationship among IT risks may occur. There are some findings according to the research analysis. First, risks related with user's risks have strong causal relationships with the intention to get option to abandon (put) and option to defer. But risks related with supplier's risks have causal relationships only with option to abandon (put). Second, user's risks and supplier's risks have no moderating effect on the relationship between transaction's risks and real option types. According to the research results, this research have some important and interesting implications on the IS outsourcing business area. First, this study identifies the effective types of real option to minimize the risks occurred during the IT outsourcing projects. So IS outsourcing service users can manage (or minimize) effectively the risks, which occurred during outsourcing projects, using real options. Second, real option gives benefits to suppliers and users at the same time (i.e., win-win strategies between IS outsourcing service providers and users). Vendors (:IS outsourcing service providers) can offer users the real options which can minimize the occurrence of risks in time. "IN TIME" means that before the IS outsourcing project starts, vendors can offer users the opportunity to buy real options in appropriate prices to manage the possibility of the risks of IS outsourcing project. And users also have chance to minimize the IT outsourcing risks occurred during the project process using real options.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.27
• /
• pp.129-161
• /
• 2005

Todays, computers in business world are potent facilitators that most companies could not without them, while they are only tools. They offer extremely efficient means of communication, particularly when connected to Internet. What I stress in this article is the risks accompanied by e-commerce rather than the advantages of Internet or e-commerce. The management of e-commerce companies, therefore, should keep in mind that the benefit of e-commerce through the Internet are accompanied by enhanced and new risks, cyber risks or e-commerce risks. For example, companies are exposed to computer system breakdown and business interruption risks owing to traditional and physical risks such as theft and fire etc, computer programming errors and defect softwares and outsider's attack such as hacking and virus. E-commerce companies are also exposed to tort liabilities owing to defamation, the infringement of intellectual property such as copyright, trademark and patent right, negligent misrepresent and breach of confidential information or privacy infringement. In this article, I would like to suggest e-commerce insurance or cyber liability insurance as a means of risk management rather than some technical devices, because there is not technically perfect defence against cyber risks. But e-commerce insurance has some gaps between risks confronted by companies and coverage needed by them, because it is at most 6 or 7 years since it has been introduced to market. Nevertheless, in my opinion, e-commerce insurance has offered the most perfect defence against cyber risks to e-commerce companies up to now.

• International Commerce and Information Review
• /
• v.7 no.3
• /
• pp.27-51
• /
• 2005

Todays, computers in business world are potent facilitators that most companies could not without them, while they are only tools. They offer extremely efficient means of communication, particularly when connected to Internet. What I stress in this article is the risks accompanied by e-commerce rather than the advantages of Internet or e-commerce. The management of e-commerce companies, therefore, should keep in mind that the benefit of e-commerce through the Internet are accompanied by enhanced and new risks, cyber risks or e-commerce risks. For example, companies are exposed to computer system breakdown and business interruption risks owing to traditional and physical risks such as theft and fire etc, computer programming errors and defect softwares and outsider's attack such as hacking and virus. E-commerce companies are also exposed to tort liabilities owing to defamation, the infringement of intellectual property such as copyright, trademark and patent right, negligent misrepresent and breach of confidential information or privacy infringement. In this article, I would like to suggest e-commerce insurance or cyber liability insurance as a means of risk management rather than some technical devices, because there is not technically perfect defence against cyber risks. But e-commerce insurance has some gaps between risks confronted by companies and coverage needed by them, because it is at most 6 or 7 years since it has been introduced to market. Nevertheless, in my opinion, e-commerce insurance has offered the most perfect defence against cyber risks to e-commerce companies up to now.

• Explosives and Blasting
• /
• v.29 no.2
• /
• pp.59-66
• /
• 2011

A variety of risks caused by natural, technological and biological hazards threaten a business continuity of an organization. Business continuity is very important issue for all organizations and its proper management may control success and failure of an organization. Business continuity plan (BCP) may be defined as a management process which provides a business continuity. BCP includes risk management, operational continuity plan, response/ recovery, exercise/study and crisis communication, etc. Risk management is a systematic method to identify, analyze, evaluate and treat emergency risks and risk assessment is composed of identifying, analyzing and evaluating emergency risks. Risk assesment is the first step for making BCP. In this study, risk assessment has been conducted for sewer laying project. Through assessing risks, 18 risks that may threaten the construction operation are identified and it is founded to be that high levels of risks which require treatment are 'collapse of excavation surface', 'breakage of ground infra-facilities', 'noise & dust dispersion' and 'rise of material costs'.

• IE interfaces
• /
• v.16 no.4
• /
• pp.421-431
• /
• 2003

Due to the increasing complexity of the information systems environment, modern information systems are facing more difficult and various security risks than ever, there by calling for a higher level of security safeguard. In this paper, an information technology security risk management model, which modified by adopting the concept of business processes, is applied to client/server distributed systems. The results demonstrate a high level of risk-detecting performance of the model, by detecting various kinds of security risks. In addition, a practical and efficient security control safeguard to cope with the identified security risks are suggested. Namely, using the proposed model, the risks on the assets in both of the I/O stage(on client side) and the request/processing stage(on server side), which can cause serious problems on business processes, are identified and the levels of the risks are analyzed. The analysis results show that maintenance of management and access control to application systems are critical in the I/O stage, while managerial security activities including training are critical in the request/processing stage.

• Journal of Information Processing Systems
• /
• v.10 no.1
• /
• pp.132-144
• /
• 2014

Information always comes with security and risk problems. There is the saying that, "The tall tree catches much wind," and the risks from cloud services will absolutely be more varied and more severe. Nowadays, handling these risks is no longer just a technology problem. So far, a good deal of literature that focuses on risk or security management and frameworks in information systems has already been submitted. This paper analyzes the causal risk factors in cloud environments through critical success factors, from a business perspective. We then integrated these critical success factors into a business model for information security by mapping out 10 principles related to cloud risks. Thus, we were able to figure out which aspects should be given more consideration in the actual transactions of cloud services, and were able to make a business-level and general-risk control model for cloud computing.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.2
• /
• pp.703-708
• /
• 2010

Various information sources and the increasing vulnerabilities of information systems could increase the risks of a business. The successful management of business risks depends on appropriate level of risks in business. Business risk management would be conducted in terms of financial risk management and information security management. The financial management and the information security management could not achieve an integrated business risk management. For developing the integrated business risk management, this study analyzes the various information security management systems such as ISMS, EA, ISO27001, COBIT, SPICE, Auditing. This study analyzes information security systems, which could be utilized in developing business risk management.