The concept of IT risk management culture is an important topic in IS research because culture helps facilitate the successful implementation/adoption of ITRM frameworks. In this paper we develop an IT risk management (IT-RM) framework based on Cameron and Quinn’s model involving four dimensions of culture. Each cultural dimension is described in terms of how they relate to the implementation of IT-RM initiatives. Our contribution is to illustrate the utility of the framework by linking the four general cultural dimensions to propose a conceptual model of IT-RM values and beliefs. By doing so we present a necessary step in developing the concept of IT-RM culture and moving frameworks such as COBIT5 towards a more comprehensive framework based on systemic empirical research. © Springer Nature Switzerland AG 2020.
|Lecture Notes in Information Systems and Organisation
|4th International conference on Information and Communication Technologies in Organizations and Society
|26/03/19 → 29/03/19
- Conceptual research/study
- IT risk management