logo

IT Risk Management 16 Running Head: Employees Bring Their Own Devices into the Workplace

   

Added on  2020-03-16

16 Pages4683 Words56 Views
Running Head: IT RISK MANAGEMENT1IT Risk ManagementStudent’s Name Institution
IT Risk Management 16 Running Head: Employees Bring Their Own Devices into the Workplace_1
IT RISK MANAGEMENT2IT Risk ManagementExecutive SummaryWe shall identify and evaluate risks management relating to the act of allowing employees to bring their own devices into the workplace. These devices are allowed in the workplace for use by employees in their work tasks. They include devices such as their personal tablets, mobile phones or laptops. When employees bring in their devices into the workplace which commonly referred to as bring your own device (BYOB) they put the company in which they work for at risk of being liable to any laws that have been broken with the use of the outsidedevice (Anderson, 2005). Aztec is a company that operates in the Australian Financial Services sector. The company handles a lot of information which is sensitive and can cause them to be legally liable if the information they have is leaked or happens to fall into the wrong hands. When employees use their own devices at work they may also be doing some of their private communication practices as well. A good example is when an individual is sexting using their personal device. It is in their own right to use their devices as they please but when they come with the same device into the workplace the company can be charged with misbehavior because the contents of the device can be used as concrete evidence. This goes to show how costly it can be for a company if their employees use their personal devices in doing their work. When an employee of a company is out in the field for example a company driver, if they happen to be distracted while driving and they are on the clock the company will be liable for any damage the employee might have caused (Lock, 2017). In some states the case has become so severe that they have banned emailing, photography, texting talking and pretty much use of a handheld devices while they drive. This measure has helped improve road safety by reducing the number of accidents on the road.
IT Risk Management 16 Running Head: Employees Bring Their Own Devices into the Workplace_2
IT RISK MANAGEMENT3IntroductionIT risk management is a risk management method in which information technology is assessed to identify the risks it poses or exposes a company to while being utilized. In a business or firm IT risk can be considered as part of a full scale enterprise risk management system (Crockford, 1986). An information security management system which is present in a company which is continually updated and maintained is a sign that the company has setup the necessary resources in helping to identify, manage and assess information security risks. IT risk management involves the assessment of not only the negative effects of using technology in a company but also the benefits that may be accompanied with it (Verin & Trumper, 2007). Decision theory should be utilized when assessing risk because it is something that is comprised of a lot of uncertainty. IT risk management as with all forms of risk management should be done continuously to ensure that the information obtained is updated. This is because there are changes which are ongoing all the time that can affect a company and therefore for IT risk management to be effective the process of analysis of risk should be continuous to ensure the company can be able to avert a lot of risk when it faces a problem (Katsicas, 2009). Need for Risk Assessment SystemOrganizations should have in place an enterprise risk management system (ERM) which is very comprehensive. There are four main categories which should be addressed when implementing an enterprise risk management system. They are operations which focuses on the effective use of resources in an organization, compliance which ensures the company is compliant with the legal regulations and laws that are applicable to it, strategy which ensures the
IT Risk Management 16 Running Head: Employees Bring Their Own Devices into the Workplace_3
IT RISK MANAGEMENT4systems support are in line with the mission of the organization and financial reporting which ensures financial records are reliable (Flyvbjerg & Budzier, 2011). IT risk management encompasses all these categories and therefore plays a critical role within an organization to ensure risk is kept at manageable level in a company. Risk sensitivity and risk appetite should be a guiding in factor within the IT risk management process (Taylor & VanMarcke, 2002).Consequences of RiskCompanies are now not being faced with lawsuits due to such cases because it has been stated in the law that all individuals including their employees are not to handle any handheld device while driving. If a company has blocked social media sites their employees can be able to access these sites using their personal devices. They can engage on social media as usual but if there is a case such as racial discrimination on social media which was instigated by an employeewhile at the work place the company is liable to any damages that may have been caused by the employee (Roehrig, 2006). An unknown device which is lost and found and used within a company can be a major risk factor. The device might contain unwanted information which might put the company at risk of having legal problems. These devices are also used by individuals who have malicious intent against the company or have purposed to carry out corporate espionage. It is therefore very important for the company to ensure that it has a strict policy which restricts employees from using their personal devices as they work (Antunes & Vincente, 2015). The personal devices pose a major risk factor and are best avoided when at the workplace to ensure the level of risk that may come from them is minimal or none at all.Financial institutions such as Aztec usually have to adhere to the set industry or government compliance or regulation. This is mainly to ensure that such institutions operate
IT Risk Management 16 Running Head: Employees Bring Their Own Devices into the Workplace_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Bring your Own Device | Project
|17
|5265
|85

Commonwealth Bank of Australia Risk Assessment
|23
|5966
|42

IT Risk Assessment Case Study
|16
|5118
|65

BYOD Devices and Countermeasure - Doc
|10
|2587
|147

Assessing Cybersecurity in an Organization: BYOD Policy and Phishing Risks
|12
|2224
|335

Case Study on IT Risk Assessment
|15
|6227
|173