TY - JOUR
T1 - A Framework for Assessing Technology Risks in Transaction-Based Extended Enterprises
T2 - U.S. Capital Market Case
AU - Friedhoff, Jerry M.
AU - Mansouri, Mo
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/9
Y1 - 2017/9
N2 - Ensuring operational reliability of the technology-based systems processing transactions for industries such as the U.S. capital market is vital to the global economy. Within this context, monitoring operational IT risk levels (a component of enterprise risk management) across the various supply chains or "extended enterprises" (EEs) making up these highly automated sectors becomes particularly important. This paper proposes an approach for segmentation of complex industries such as the U.S. capital markets into EEs and assessing their IT operational risk level. The concept of EE technology risk index is introduced and modified with the use of fault tree analysis to help oversight groups monitoring technology risks for this type of industry. The proposed methodology is illustrated with one of the EEs within the U.S. capital market. Observations on the approach and potential future research is discussed.
AB - Ensuring operational reliability of the technology-based systems processing transactions for industries such as the U.S. capital market is vital to the global economy. Within this context, monitoring operational IT risk levels (a component of enterprise risk management) across the various supply chains or "extended enterprises" (EEs) making up these highly automated sectors becomes particularly important. This paper proposes an approach for segmentation of complex industries such as the U.S. capital markets into EEs and assessing their IT operational risk level. The concept of EE technology risk index is introduced and modified with the use of fault tree analysis to help oversight groups monitoring technology risks for this type of industry. The proposed methodology is illustrated with one of the EEs within the U.S. capital market. Observations on the approach and potential future research is discussed.
KW - Extended enterprises (EE)
KW - fault tree analysis (FTA)
KW - information technology risk
UR - http://www.scopus.com/inward/record.url?scp=84964682255&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84964682255&partnerID=8YFLogxK
U2 - 10.1109/JSYST.2015.2495282
DO - 10.1109/JSYST.2015.2495282
M3 - Article
AN - SCOPUS:84964682255
SN - 1932-8184
VL - 11
SP - 1505
EP - 1515
JO - IEEE Systems Journal
JF - IEEE Systems Journal
IS - 3
M1 - 7460164
ER -