• The Journal of Asian Finance, Economics and Business
• /
• v.8 no.1
• /
• pp.343-352
• /
• 2021

This study aims to identify the impact of the audit approach based on business risks (i.e., external environment risk, operations risk, information risk) in reducing unsystematic risks (i.e., operational risk, credit risk, liquidity risk, capital risk, and administrative risk) in Jordanian banks. To reduce the effect of unsystematic risks and, thus, improve banking performance, an audit approach based on business risks has emerged. To achieve the objectives, this study relied on descriptive statistics and the regression approach to study twenty-five Jordanian banks. The researcher used the intentional sampling method represented by employees of the accounting, financial and control departments in Jordanian banks. Seventeen banks contributed to the study, with a percentage of 68%, totaling 356 employees. A questionnaire was designed to obtain the data, and due to homogeneity among the sampling members, a purposive sample was drawn and 300 questionnaires were distributed. The results of the study found a statistically significant effect of the audit approach based on business risks with its combined dimensions on reducing unsystematic risks in Jordanian banks. The results of the study also found a statistically significant effect of the business risk-based audit approach with its combined dimensions on reducing operational risks in Jordanian banks.

• International Commerce and Information Review
• /
• v.7 no.3
• /
• pp.27-51
• /
• 2005

Todays, computers in business world are potent facilitators that most companies could not without them, while they are only tools. They offer extremely efficient means of communication, particularly when connected to Internet. What I stress in this article is the risks accompanied by e-commerce rather than the advantages of Internet or e-commerce. The management of e-commerce companies, therefore, should keep in mind that the benefit of e-commerce through the Internet are accompanied by enhanced and new risks, cyber risks or e-commerce risks. For example, companies are exposed to computer system breakdown and business interruption risks owing to traditional and physical risks such as theft and fire etc, computer programming errors and defect softwares and outsider's attack such as hacking and virus. E-commerce companies are also exposed to tort liabilities owing to defamation, the infringement of intellectual property such as copyright, trademark and patent right, negligent misrepresent and breach of confidential information or privacy infringement. In this article, I would like to suggest e-commerce insurance or cyber liability insurance as a means of risk management rather than some technical devices, because there is not technically perfect defence against cyber risks. But e-commerce insurance has some gaps between risks confronted by companies and coverage needed by them, because it is at most 6 or 7 years since it has been introduced to market. Nevertheless, in my opinion, e-commerce insurance has offered the most perfect defence against cyber risks to e-commerce companies up to now.

• The Journal of Information Systems
• /
• v.11 no.1
• /
• pp.1-28
• /
• 2002

Today, IT outsourcing has become a very important management strategy of implementing information systems in organizations. This paper investigates the risks and strategic recognition as a key factors effecting on the degree of outsourcing, Specifically the risks of outsourcing and its four components-control risk, economical risk, technical risk, relational risk-are examined to be a negative effect on the degree of outsourcing. And strategic recognition about outsourcing is examined to be a mediator factor between the risks and the degree of outsourcing. To empirically test these relationships, data are gathered from senior IT managers in 62 corporations. Results of this study show that the degree of outsourcing is strongly influenced by control risk, economical risk, relational risk. But technical risk does not influence on the degree of outsourcing. And strategic recognition about outsourcing is found that is mediator concern with the risks and the degree of outsourcing. The results indicate to provide a good framework to minimize the risks for IT outsourcing success.

• Archives of Craniofacial Surgery
• /
• v.19 no.1
• /
• pp.41-47
• /
• 2018

Background: The number of surgical risks recalled by a patient after surgery can be used as a parameter for assessing how well the patient has understood the informed consent process. No study has investigated the usefulness of a self-developed mobile application in the traditional informed consent process in patients with a nasal bone fracture. This study aimed to investigate whether delivery of information, such as surgical risks, through a mobile application is more effective than delivery of information through only verbal means and a paper. Methods: This prospective, randomized study included 60 patients with a nasal bone fracture. The experimental group (n=30) received preoperative explanation with the traditional informed consent process in addition to a mobile application, while the control group (n=30) received preoperative explanation with only the traditional informed consent process. Four weeks after surgery, the number of recalled surgical risks was compared for analysis. The following six surgical risks were explained: pain, bleeding, nasal deformity, numbness, nasal obstruction, and nasal cartilage necrosis. Results: The mean number of recalled surgical risks among all patients was $1.58{\pm}0.56$. The most frequently recalled surgical risk was nasal deformity in both groups. The mean number of recalled surgical risks was $1.72{\pm}0.52$ in the experimental group and $1.49{\pm}0.57$ in the control group. There was a significant association between mobile application use and the mean number of recalled surgical risks (p=0.047). Age, sex, and the level of education were not significantly associated with the mean number of recalled surgical risks. Conclusion: This study found that a mobile application could contribute to the efficient delivery of information during the informed consent process. With further improvement, it could be used in other plastic surgeries and other surgeries, and such an application can potentially be used for explaining risks as well as delivering other types of information.

• Asia pacific journal of information systems
• /
• v.23 no.2
• /
• pp.41-66
• /
• 2013

IS outsourcing has an important meaning to the Korean SME's (Small and Medium Enterprises) which want to use the IS Services. The objective of this research is to manage IT risks occurred during IS outsourcing project process. This study tries to identify these risks using real option methodology. In order to perform this objective, this study set up the research model which is composed of two main concepts. The first one is the risk factors occurred during IS outsourcing project process: User's Risks, Supplier's Risks and Transaction's Risks. All of these risks are based on Transaction Cost Theory. The second one is the intention to get (or buy) Real Options to manage the risks. In the research model, two types of real option are included: option to abandon (put option) and option to defer (call option). This study uses questionnaires and statistics methodology (PLS) to analyze the hypotheses proposed in the research model. Compared with prior studies, this study is different in two ways. First, this study restricts the range of IT risks. Prior researches of IT Risk management in MIS area cover various range of IT risks, but this study focuses on the Korean SME's IT outsourcing risks on the basis of Transaction Cost Theory. This study tests the relationship between the risks and real option types. Second, this study tries to test the moderating effect of user's risks and supplier's risks on the relationship between transaction's risks and real option types. In IT outsourcing research area, almost studies focus on the direct relationships between IT risks and outsourcing success. But in reality, the co-relationship among IT risks may occur. There are some findings according to the research analysis. First, risks related with user's risks have strong causal relationships with the intention to get option to abandon (put) and option to defer. But risks related with supplier's risks have causal relationships only with option to abandon (put). Second, user's risks and supplier's risks have no moderating effect on the relationship between transaction's risks and real option types. According to the research results, this research have some important and interesting implications on the IS outsourcing business area. First, this study identifies the effective types of real option to minimize the risks occurred during the IT outsourcing projects. So IS outsourcing service users can manage (or minimize) effectively the risks, which occurred during outsourcing projects, using real options. Second, real option gives benefits to suppliers and users at the same time (i.e., win-win strategies between IS outsourcing service providers and users). Vendors (:IS outsourcing service providers) can offer users the real options which can minimize the occurrence of risks in time. "IN TIME" means that before the IS outsourcing project starts, vendors can offer users the opportunity to buy real options in appropriate prices to manage the possibility of the risks of IS outsourcing project. And users also have chance to minimize the IT outsourcing risks occurred during the project process using real options.

• Asia pacific journal of information systems
• /
• v.13 no.4
• /
• pp.119-145
• /
• 2003

Recently, IT outsourcing has been one of the major concerns of many companies. This study proposes a model which composed the outsourcing planning and operational risks affecting the outsourcing performance. Especially, this study focused on the contractors perspective, because the outsourcing risk relative researches are recently performed on the service receivers perspective, contractors perspective researches were relatively lacked. The result of this study, outsourcing planning risks had not affected the outsourcing performance but it had positively affected the operational risks. And also, the outsourcing operational risks had negatively affected the outsourcing performance. For this reason, It is necessary to reduced planning risk induction for the outsourcing performance improvement. Because the planning risks positively affect the operational risks, it is necessary to reduced planning risk induction for the outsourcing performance improvement.

• Journal of Information Processing Systems
• /
• v.10 no.1
• /
• pp.132-144
• /
• 2014

Information always comes with security and risk problems. There is the saying that, "The tall tree catches much wind," and the risks from cloud services will absolutely be more varied and more severe. Nowadays, handling these risks is no longer just a technology problem. So far, a good deal of literature that focuses on risk or security management and frameworks in information systems has already been submitted. This paper analyzes the causal risk factors in cloud environments through critical success factors, from a business perspective. We then integrated these critical success factors into a business model for information security by mapping out 10 principles related to cloud risks. Thus, we were able to figure out which aspects should be given more consideration in the actual transactions of cloud services, and were able to make a business-level and general-risk control model for cloud computing.

• The Journal of Asian Finance, Economics and Business
• /
• v.9 no.1
• /
• pp.373-385
• /
• 2022

Due to the lack of information, medical tourists are regarded to be at high risk. Prior medical tourism research has found that various types of perceived risks have a significant impact on medical tourists' purchase behavior. Even though medical tourism is predicted to increase, there is a lack of behavioral research to explain how perceived risks affect medical tourists' purchase behavior. In the context of Korean medical tourism, this study attempts to evaluate the effects of multi-level (macro, organizational, and personal) factors on medical tourists' perceived risks and purchase intentions. A conceptual model and hypotheses were built and empirically validated to investigate links between multi-level characteristics, perceived risks, and purchasing intentions. The data for this study was collected from Chinese tourists using a questionnaire. The impact of cognitive country image, affective country image, and medical service quality on fundamental risk is confirmed by statistical testing. Surprisingly, expectancy discrepancy risk is influenced only by cognitive country image and information search capabilities. Both fundamental and expectation discrepancy risks lower medical tourists' purchase intentions. The findings of this study show that a multi-level strategy is required to investigate the links between perceived risks and medical tourism purchasing intentions based on macro, organizational, and personal factors.

• Asia pacific journal of information systems
• /
• v.22 no.1
• /
• pp.79-101
• /
• 2012

This study expands the current body of research by exploring multiple scenarios of insufficient and excessive IT security investments caused by interdependent risks and the interplay between IT security investments and cyber insurance. A key finding is that organizations experiencing interdependent risks with different types of cyber attacks (i.e., targeted and untargeted attacks) use different strategies in making IT security investment decisions and in purchasing cyber insurance policies for their information security risk management than firms that are facing independent risks. The study further provides an economic rationale for employing insurance mechanisms as a risk management solution for information security.

• Journal of Information Technology Applications and Management
• /
• v.11 no.3
• /
• pp.35-62
• /
• 2004

Recently, IT outsouricng has been one of the major concerns of many companies. This paper explores the relationship between information technology outsourcing risk factors and outsourcing performance. It is based upon a three-phase process utilizing IPO (Input-Process-Output) system. The first phase means the outsourcing planning risks t~at arise from overall environment of outsourcing, organizational refuse, and wrong contracts. The second phase implies outsourcing operational risks, which are occurred while out-sourcing perform and consist of organizational acceptances of outsourcing, partnership and hidden costs. The last phase is outsourcing performance based on four perspective of BSC(Blanced Scored Card). The survey was performed on the IT/IS firms, and the data was collected from 53 service receivers. The result of the analysis are as follows. First, Outsourcing planning risks positively affects the operational risks. Second, Outsourcing operational risks negatively affects the Outsourcing Performance.