• The Journal of Asian Finance, Economics and Business
• /
• 제8권1호
• /
• pp.343-352
• /
• 2021

This study aims to identify the impact of the audit approach based on business risks (i.e., external environment risk, operations risk, information risk) in reducing unsystematic risks (i.e., operational risk, credit risk, liquidity risk, capital risk, and administrative risk) in Jordanian banks. To reduce the effect of unsystematic risks and, thus, improve banking performance, an audit approach based on business risks has emerged. To achieve the objectives, this study relied on descriptive statistics and the regression approach to study twenty-five Jordanian banks. The researcher used the intentional sampling method represented by employees of the accounting, financial and control departments in Jordanian banks. Seventeen banks contributed to the study, with a percentage of 68%, totaling 356 employees. A questionnaire was designed to obtain the data, and due to homogeneity among the sampling members, a purposive sample was drawn and 300 questionnaires were distributed. The results of the study found a statistically significant effect of the audit approach based on business risks with its combined dimensions on reducing unsystematic risks in Jordanian banks. The results of the study also found a statistically significant effect of the business risk-based audit approach with its combined dimensions on reducing operational risks in Jordanian banks.

• 농촌지도와개발
• /
• 제18권3호
• /
• pp.631-664
• /
• 2011

As agricultural companies encounter number of risks in their business, it is very important to control the risks for their stable management. So we examine the agricultural business risks and propose the risk management strategies for the agricultural companies. For these purpose, we analyze the agricultural business risks with which agricultural companies are confronted, and propose the agricultural companies' the risk management strategies. The results of this study are as follows : First, Changing the risk environment of agricultural business, we have to realize the importance of the agricultural risks and risk management in it. Second, When we choose the risk management strategies which are risk retention, risk avoidance, risk control, risk transfer and insurance, etc., we should always consider the frequency of loss and the severity of loss. Third, If we don't control the agricultural risks, we will be in a position to very difficult situation. So, Agricultural companies should lead to stronger effort to manage the risks for their stable business.

• The Journal of Asian Finance, Economics and Business
• /
• 제8권5호
• /
• pp.851-861
• /
• 2021

This study aims to explore the specific risks in family small-medium enterprises (SMEs) and explain how they manage these risks to sustain and expand. In Indonesia, family business composes around 95 percent of all businesses and contributes about 80 percent to the country's economy. SMEs contribute approximately 57.8 percent to the nation's gross domestic product. Risk management poses challenges to the family business's survival, as family members do not take actions on risk. The assessment of risk is difficult and family businesses lack the ability to determine risk management priorities, including risk management review processes to evaluate risk, thus leading to family business failures. Applying the case study approach, in-depth semi-structured interviews were conducted in seven family SMEs comprising fifteen informants. Additionally, a focus group discussion consisting of three experts is conducted to reaffirm the findings from the interviews, observations, and field notes. The research identified the specific risks and how the family owners strategize to safeguard against these risks such as cash flow deficiency, operations dysfunction, cultural frailty, disharmony, transgenerational entrepreneurship failure, political uncertainty, and unprofessionalism. Comprehending these risks and their strategic decisions elucidated in this research could enable the family owners and key non-family professionals to work hand-in-hand to thrive over the family business risks together. Further avenues of research regarding family business risk management are also suggested in this study.

• Asia pacific journal of information systems
• /
• 제23권2호
• /
• pp.41-66
• /
• 2013

IS outsourcing has an important meaning to the Korean SME's (Small and Medium Enterprises) which want to use the IS Services. The objective of this research is to manage IT risks occurred during IS outsourcing project process. This study tries to identify these risks using real option methodology. In order to perform this objective, this study set up the research model which is composed of two main concepts. The first one is the risk factors occurred during IS outsourcing project process: User's Risks, Supplier's Risks and Transaction's Risks. All of these risks are based on Transaction Cost Theory. The second one is the intention to get (or buy) Real Options to manage the risks. In the research model, two types of real option are included: option to abandon (put option) and option to defer (call option). This study uses questionnaires and statistics methodology (PLS) to analyze the hypotheses proposed in the research model. Compared with prior studies, this study is different in two ways. First, this study restricts the range of IT risks. Prior researches of IT Risk management in MIS area cover various range of IT risks, but this study focuses on the Korean SME's IT outsourcing risks on the basis of Transaction Cost Theory. This study tests the relationship between the risks and real option types. Second, this study tries to test the moderating effect of user's risks and supplier's risks on the relationship between transaction's risks and real option types. In IT outsourcing research area, almost studies focus on the direct relationships between IT risks and outsourcing success. But in reality, the co-relationship among IT risks may occur. There are some findings according to the research analysis. First, risks related with user's risks have strong causal relationships with the intention to get option to abandon (put) and option to defer. But risks related with supplier's risks have causal relationships only with option to abandon (put). Second, user's risks and supplier's risks have no moderating effect on the relationship between transaction's risks and real option types. According to the research results, this research have some important and interesting implications on the IS outsourcing business area. First, this study identifies the effective types of real option to minimize the risks occurred during the IT outsourcing projects. So IS outsourcing service users can manage (or minimize) effectively the risks, which occurred during outsourcing projects, using real options. Second, real option gives benefits to suppliers and users at the same time (i.e., win-win strategies between IS outsourcing service providers and users). Vendors (:IS outsourcing service providers) can offer users the real options which can minimize the occurrence of risks in time. "IN TIME" means that before the IS outsourcing project starts, vendors can offer users the opportunity to buy real options in appropriate prices to manage the possibility of the risks of IS outsourcing project. And users also have chance to minimize the IT outsourcing risks occurred during the project process using real options.

• 무역상무연구
• /
• 제27권
• /
• pp.129-161
• /
• 2005

Todays, computers in business world are potent facilitators that most companies could not without them, while they are only tools. They offer extremely efficient means of communication, particularly when connected to Internet. What I stress in this article is the risks accompanied by e-commerce rather than the advantages of Internet or e-commerce. The management of e-commerce companies, therefore, should keep in mind that the benefit of e-commerce through the Internet are accompanied by enhanced and new risks, cyber risks or e-commerce risks. For example, companies are exposed to computer system breakdown and business interruption risks owing to traditional and physical risks such as theft and fire etc, computer programming errors and defect softwares and outsider's attack such as hacking and virus. E-commerce companies are also exposed to tort liabilities owing to defamation, the infringement of intellectual property such as copyright, trademark and patent right, negligent misrepresent and breach of confidential information or privacy infringement. In this article, I would like to suggest e-commerce insurance or cyber liability insurance as a means of risk management rather than some technical devices, because there is not technically perfect defence against cyber risks. But e-commerce insurance has some gaps between risks confronted by companies and coverage needed by them, because it is at most 6 or 7 years since it has been introduced to market. Nevertheless, in my opinion, e-commerce insurance has offered the most perfect defence against cyber risks to e-commerce companies up to now.

• 통상정보연구
• /
• 제7권3호
• /
• pp.27-51
• /
• 2005

Todays, computers in business world are potent facilitators that most companies could not without them, while they are only tools. They offer extremely efficient means of communication, particularly when connected to Internet. What I stress in this article is the risks accompanied by e-commerce rather than the advantages of Internet or e-commerce. The management of e-commerce companies, therefore, should keep in mind that the benefit of e-commerce through the Internet are accompanied by enhanced and new risks, cyber risks or e-commerce risks. For example, companies are exposed to computer system breakdown and business interruption risks owing to traditional and physical risks such as theft and fire etc, computer programming errors and defect softwares and outsider's attack such as hacking and virus. E-commerce companies are also exposed to tort liabilities owing to defamation, the infringement of intellectual property such as copyright, trademark and patent right, negligent misrepresent and breach of confidential information or privacy infringement. In this article, I would like to suggest e-commerce insurance or cyber liability insurance as a means of risk management rather than some technical devices, because there is not technically perfect defence against cyber risks. But e-commerce insurance has some gaps between risks confronted by companies and coverage needed by them, because it is at most 6 or 7 years since it has been introduced to market. Nevertheless, in my opinion, e-commerce insurance has offered the most perfect defence against cyber risks to e-commerce companies up to now.

• 화약ㆍ발파
• /
• 제29권2호
• /
• pp.59-66
• /
• 2011

자연적, 기술적, 생물학적 재해에 의해 유발된 다양한 리스크가 조직의 업무연속성에 위협을 미친다. 업무연속성은 모든 조직에 가장 중요한 과제로써 그것을 적절히 관리하는 것은 조직의 성패를 가르게 된다. 업무연속성계획(BCP)은 업무연속성을 담보할 수 있는 관리 절차로 정의될 수 있다. BCP는 리스크관리, 상시운영계획, 재난대응/복구, 훈련/학습, 위기 전달 등을 포함한다. 이중에서 리스크관리는 리스크확인, 분석, 평가 처리를 하기 위한 체계적 방법으로 리스크평가는 리스크확인, 분석, 평가로 구성된다. 리스크평가는 BCP를 계획하기 위한 첫 번째 단계이다. 본 연구에서는 하수관거 매설 공사에 대해서 리스크평가를 수행하였다. 리스크평가 과정을 통해 건설 공사에 위협을 주는 18개의 리스크를 확인하였고 이들에 대한 리스크 수준 분석을 통해 대책이 필요한 가장 상위 수준의 리스크로는 '굴착면의 붕괴', '지중매설물 파손', '소음 및 먼지날림', '원자재값 상승'으로 나타났다.

• 산업공학
• /
• 제16권4호
• /
• pp.421-431
• /
• 2003

Due to the increasing complexity of the information systems environment, modern information systems are facing more difficult and various security risks than ever, there by calling for a higher level of security safeguard. In this paper, an information technology security risk management model, which modified by adopting the concept of business processes, is applied to client/server distributed systems. The results demonstrate a high level of risk-detecting performance of the model, by detecting various kinds of security risks. In addition, a practical and efficient security control safeguard to cope with the identified security risks are suggested. Namely, using the proposed model, the risks on the assets in both of the I/O stage(on client side) and the request/processing stage(on server side), which can cause serious problems on business processes, are identified and the levels of the risks are analyzed. The analysis results show that maintenance of management and access control to application systems are critical in the I/O stage, while managerial security activities including training are critical in the request/processing stage.

• Journal of Information Processing Systems
• /
• 제10권1호
• /
• pp.132-144
• /
• 2014

Information always comes with security and risk problems. There is the saying that, "The tall tree catches much wind," and the risks from cloud services will absolutely be more varied and more severe. Nowadays, handling these risks is no longer just a technology problem. So far, a good deal of literature that focuses on risk or security management and frameworks in information systems has already been submitted. This paper analyzes the causal risk factors in cloud environments through critical success factors, from a business perspective. We then integrated these critical success factors into a business model for information security by mapping out 10 principles related to cloud risks. Thus, we were able to figure out which aspects should be given more consideration in the actual transactions of cloud services, and were able to make a business-level and general-risk control model for cloud computing.

• 한국산학기술학회논문지
• /
• 제11권2호
• /
• pp.703-708
• /
• 2010

정보원천의 다양화와 정보시스템 취약성의 증가는 비즈니스 위험을 증가시킨다. 성공적인 비즈니스는 적정한 비즈니스 위험관리를 통해서 가능하다. 그러나 비즈니스 위험관리는 재무적 관점에서 시행되고 있고, 정보보호관리제도는 정보보호의 관점에서만 이루어져 통합적인 비즈니스 위험관리를 수행하기에 부적절하다. 본 연구는 통합적인 비즈니스 위험관리기법을 개발하기 위하여 정보보호관리제도인 ISMS, EA, ISO27001, COBIT, SPICE, 정보시스템감리, SSE-CMM 등을 비즈니스 위험관리관점에서 분석하였다. 본 연구에서 분석된 정보보호관리제도는 비즈니스 위험관리를 위한 원천으로 활용가능하다.