A structured approach to the identification of the significant risks related to enterprise mobile solutions at a mobile technology component level

Thesis (MComm)--Stellenbosch University, 2015. === ENGLISH ABSTRACT: The consumerisation of mobile technology is driving the mobile revolution and enterprises are forced to incorporate mobile solutions into their business processes in order to remain competitive. While there are many benefits rela...

Full description

Bibliographic Details
Main Author: Sahd, Lize-Marie
Other Authors: Rudman, Riaan J.
Format: Others
Language:en_ZA
Published: Stellenbosch : Stellenbosch University 2015
Subjects:
Online Access:http://hdl.handle.net/10019.1/96674
id ndltd-netd.ac.za-oai-union.ndltd.org-sun-oai-scholar.sun.ac.za-10019.1-96674
record_format oai_dc
collection NDLTD
language en_ZA
format Others
sources NDLTD
topic Mobile computing
Mobile communication systems
Business enterprises -- Computer networks -- Security measures
Mobile computing -- Security measures
Computer security
Mobile computing -- Risk management
UCTD
spellingShingle Mobile computing
Mobile communication systems
Business enterprises -- Computer networks -- Security measures
Mobile computing -- Security measures
Computer security
Mobile computing -- Risk management
UCTD
Sahd, Lize-Marie
A structured approach to the identification of the significant risks related to enterprise mobile solutions at a mobile technology component level
description Thesis (MComm)--Stellenbosch University, 2015. === ENGLISH ABSTRACT: The consumerisation of mobile technology is driving the mobile revolution and enterprises are forced to incorporate mobile solutions into their business processes in order to remain competitive. While there are many benefits relating to the investment in and use of mobile technology, significant risks are also being introduced into the business. The fast pace of technological innovation and the rate of adoption of mobile technology by employees has, however, created an environment where enterprises are deploying mobile solutions on an ad hoc basis. Enterprises are only addressing the risks as they are occurring and resulting in losses. The key contributing factor to this lack of governance and management is the fact that those charged with governance do not understand the underlying mobile technology components. The purpose of this research is to improve the understanding of the underlying components of mobile technology. The research further proposes to use this understanding to identify the significant risks related to mobile technology and to formulate appropriate internal controls to address these risks. The findings of the research identified the following underlying components of mobile technology: mobile devices; mobile infrastructure, data delivery mechanisms and enabling technologies; and mobile applications. Based on an understanding of the components and subcategories of mobile technology, a control framework was used to identify the significant risks related to each component and subcategory. The significant risks identified included both risks to the users (including interoperability, user experience, connectivity and IT support) as well as risks to the enterprise’s strategies (including continuity, security, cost and data ownership). The research concludes by formulating internal controls that the enterprise can implement to mitigate the significant risks. This resulted in two matrixes that serve as quick-reference guides to enterprises in the identification of significant risks at an enterprise specific mobile technology component level, as well as the relevant internal controls to consider. The matrixes also assist enterprises in determining the best mobile solutions to deploy in their business, given their strategies, risk evaluation and control environment. === AFRIKAANSE OPSOMMING: Die mobiele revolusie word deur die verbruiker van mobiele tegnologie aangedryf en, ten einde kompeterend te bly, word ondernemings gedwing om mobiele tegnologie in hul besigheidsprosesse te implementeer. Terwyl daar baie voordele verbonde is aan die investering in en gebruik van mobiele tegnologie, word die besigheid egter ook blootgestel aan wesenlike risiko’s. Die vinnige tempo waarteen mobiele tegnologie ontwikkel en deur werknemers aangeneem word, het egter ʼn omgewing geskep waarin ondernemings mobiele tegnologie op ʼn ad hoc basis ontplooi. Besighede spreek eers die risiko’s aan nadat dit reeds voorgekom het en verliese as gevolg gehad het. Die hoof bydraende faktor tot die tekort aan beheer en bestuur van mobiele tegnologie is die feit dat diegene verantwoordelik vir beheer, nie onderliggend mobiele tegnologie komponente verstaan nie. Die doel van hierdie navorsing is om die begrip van die onderliggende komponente van mobiele tegnologie te verbeter. Die navorsing poog verder om die wesenlike risiko’s verbonde aan mobiele tegnologie te identifiseer en om toepaslike interne beheermaatreëls te formuleer wat die risiko’s sal aanspreek. Die bevindinge van die navorsing het die volgende onderliggende komponente van mobiele tegnologie geïdentifiseer: mobiele toestelle; mobiele infrastruktuur, data afleweringsmeganismes, en bemagtigende tegnologieë; en mobiele toepassings. Gebaseer op ʼn begrip van die komponente en subkategorieë van mobiele tegnologie, is ʼn kontrole raamwerk gebruik om die wesenlike risiko’s verbonde aan elke komponent en subkategorie van die tegnologie, te identifiseer. Die wesenlike risiko’s sluit beide risiko’s vir die gebruiker (insluitend kontinuïteit, gebruikerservaring, konnektiwiteit en IT ondersteuning) sowel as risiko’s vir die onderneming se strategieë (insluitend kontinuïteit, sekuriteit, koste en data eienaarskap) in. Die navorsing sluit af met die formulering van die beheermaatreëls wat geïmplementeer kan word om die wesenlike risiko’s aan te spreek. Dit het gelei tot twee tabelle wat as vinnige verwysingsraamwerke deur ondernemings gebruik kan word in die identifisering van wesenlike risiko’s op ʼn onderneming-spesifieke tegnologie komponentvlak asook die oorweging van relevante interne beheermaatreëls. Die tabelle help ondernemings ook om die beste mobiele tegnologie vir hul besigheid te implementeer, gebaseer op hul strategie, risiko evaluering en beheeromgewing.
author2 Rudman, Riaan J.
author_facet Rudman, Riaan J.
Sahd, Lize-Marie
author Sahd, Lize-Marie
author_sort Sahd, Lize-Marie
title A structured approach to the identification of the significant risks related to enterprise mobile solutions at a mobile technology component level
title_short A structured approach to the identification of the significant risks related to enterprise mobile solutions at a mobile technology component level
title_full A structured approach to the identification of the significant risks related to enterprise mobile solutions at a mobile technology component level
title_fullStr A structured approach to the identification of the significant risks related to enterprise mobile solutions at a mobile technology component level
title_full_unstemmed A structured approach to the identification of the significant risks related to enterprise mobile solutions at a mobile technology component level
title_sort structured approach to the identification of the significant risks related to enterprise mobile solutions at a mobile technology component level
publisher Stellenbosch : Stellenbosch University
publishDate 2015
url http://hdl.handle.net/10019.1/96674
work_keys_str_mv AT sahdlizemarie astructuredapproachtotheidentificationofthesignificantrisksrelatedtoenterprisemobilesolutionsatamobiletechnologycomponentlevel
AT sahdlizemarie structuredapproachtotheidentificationofthesignificantrisksrelatedtoenterprisemobilesolutionsatamobiletechnologycomponentlevel
_version_ 1718163342125694976
spelling ndltd-netd.ac.za-oai-union.ndltd.org-sun-oai-scholar.sun.ac.za-10019.1-966742016-01-29T04:02:33Z A structured approach to the identification of the significant risks related to enterprise mobile solutions at a mobile technology component level Sahd, Lize-Marie Rudman, Riaan J. Stellenbosch University. Faculty of Economic and Management Sciences. School of Accounting. Mobile computing Mobile communication systems Business enterprises -- Computer networks -- Security measures Mobile computing -- Security measures Computer security Mobile computing -- Risk management UCTD Thesis (MComm)--Stellenbosch University, 2015. ENGLISH ABSTRACT: The consumerisation of mobile technology is driving the mobile revolution and enterprises are forced to incorporate mobile solutions into their business processes in order to remain competitive. While there are many benefits relating to the investment in and use of mobile technology, significant risks are also being introduced into the business. The fast pace of technological innovation and the rate of adoption of mobile technology by employees has, however, created an environment where enterprises are deploying mobile solutions on an ad hoc basis. Enterprises are only addressing the risks as they are occurring and resulting in losses. The key contributing factor to this lack of governance and management is the fact that those charged with governance do not understand the underlying mobile technology components. The purpose of this research is to improve the understanding of the underlying components of mobile technology. The research further proposes to use this understanding to identify the significant risks related to mobile technology and to formulate appropriate internal controls to address these risks. The findings of the research identified the following underlying components of mobile technology: mobile devices; mobile infrastructure, data delivery mechanisms and enabling technologies; and mobile applications. Based on an understanding of the components and subcategories of mobile technology, a control framework was used to identify the significant risks related to each component and subcategory. The significant risks identified included both risks to the users (including interoperability, user experience, connectivity and IT support) as well as risks to the enterprise’s strategies (including continuity, security, cost and data ownership). The research concludes by formulating internal controls that the enterprise can implement to mitigate the significant risks. This resulted in two matrixes that serve as quick-reference guides to enterprises in the identification of significant risks at an enterprise specific mobile technology component level, as well as the relevant internal controls to consider. The matrixes also assist enterprises in determining the best mobile solutions to deploy in their business, given their strategies, risk evaluation and control environment. AFRIKAANSE OPSOMMING: Die mobiele revolusie word deur die verbruiker van mobiele tegnologie aangedryf en, ten einde kompeterend te bly, word ondernemings gedwing om mobiele tegnologie in hul besigheidsprosesse te implementeer. Terwyl daar baie voordele verbonde is aan die investering in en gebruik van mobiele tegnologie, word die besigheid egter ook blootgestel aan wesenlike risiko’s. Die vinnige tempo waarteen mobiele tegnologie ontwikkel en deur werknemers aangeneem word, het egter ʼn omgewing geskep waarin ondernemings mobiele tegnologie op ʼn ad hoc basis ontplooi. Besighede spreek eers die risiko’s aan nadat dit reeds voorgekom het en verliese as gevolg gehad het. Die hoof bydraende faktor tot die tekort aan beheer en bestuur van mobiele tegnologie is die feit dat diegene verantwoordelik vir beheer, nie onderliggend mobiele tegnologie komponente verstaan nie. Die doel van hierdie navorsing is om die begrip van die onderliggende komponente van mobiele tegnologie te verbeter. Die navorsing poog verder om die wesenlike risiko’s verbonde aan mobiele tegnologie te identifiseer en om toepaslike interne beheermaatreëls te formuleer wat die risiko’s sal aanspreek. Die bevindinge van die navorsing het die volgende onderliggende komponente van mobiele tegnologie geïdentifiseer: mobiele toestelle; mobiele infrastruktuur, data afleweringsmeganismes, en bemagtigende tegnologieë; en mobiele toepassings. Gebaseer op ʼn begrip van die komponente en subkategorieë van mobiele tegnologie, is ʼn kontrole raamwerk gebruik om die wesenlike risiko’s verbonde aan elke komponent en subkategorie van die tegnologie, te identifiseer. Die wesenlike risiko’s sluit beide risiko’s vir die gebruiker (insluitend kontinuïteit, gebruikerservaring, konnektiwiteit en IT ondersteuning) sowel as risiko’s vir die onderneming se strategieë (insluitend kontinuïteit, sekuriteit, koste en data eienaarskap) in. Die navorsing sluit af met die formulering van die beheermaatreëls wat geïmplementeer kan word om die wesenlike risiko’s aan te spreek. Dit het gelei tot twee tabelle wat as vinnige verwysingsraamwerke deur ondernemings gebruik kan word in die identifisering van wesenlike risiko’s op ʼn onderneming-spesifieke tegnologie komponentvlak asook die oorweging van relevante interne beheermaatreëls. Die tabelle help ondernemings ook om die beste mobiele tegnologie vir hul besigheid te implementeer, gebaseer op hul strategie, risiko evaluering en beheeromgewing. 2015-05-20T09:13:41Z 2015-05-20T09:13:41Z 2015-04 Thesis http://hdl.handle.net/10019.1/96674 en_ZA Stellenbosch University 108 pages : illustrations Stellenbosch : Stellenbosch University