Cyber risk management frameworks for the South African banking industry
- Authors: Koto, Caroline
- Date: 2019
- Subjects: Computer crimes , Cyberspace - Security measures , Business - Data processing - Security measures , Business enterprises - Computer networks - Security measures , Risk management , Banks and banking - South Africa
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/403209 , uj:33776
- Description: Abstract : Information technology (IT) has proven to be critical in the operation of businesses today. The banking industry is one of the industries that are most reliant on IT. The banking industry has enjoyed greater efficiency and effectiveness in their operations owing to the widespread use of IT. However, due to IT and continuous technological advancements, new threats such as cyber risk have surfaced, and the banking industry has experienced the most cybercrime incidents. In addition to the banking industry being the most targeted by cyber-criminals, cybercrime incidents have detrimental impacts on the industry. As a result, it is crucial for banks to employ effective cyber risk management processes. The South African banking industry is required by the South African Reserve Bank (SARB) to align their cyber risk management processes to the cyber resilience guidance document issued by the Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO). The CPMI–IOSCO cyber resilience guidance contains guidelines that should be addressed within a bank’s cyber risk management framework. This study seeks to establish whether the Improving Critical Infrastructure Cybersecurity (ICIC) framework addresses the guidelines contained in the CPMI–IOSCO cyber resilience guidance. The ICIC framework is effective for managing cyber risk and allows an organisation to modify it to suit its specific needs and objectives. The objective of the study is to recommend to the South African banking industry, a framework for managing cyber risks that is effective and that addresses the CPMI–IOSCO cyber resilience guidelines. The results were gathered by analysing the ICIC framework and mapping it against the CPMI–IOSCO cyber resilience guidelines. The results revealed that the ICIC framework addresses up to 71 percent of the CPMI –IOSCO cyber resilience guidelines. The study therefore recommends that instead of building a new cyber risk management framework, the South African banking industry should adopt the ICIC framework and modify it by adding the 29 percent of the CPMI –IOSCO cyber resilience guidelines not addressed by the ICIC framework. All the guidelines contained in the CPMI–IOSCO cyber resilience guidance will then be addressed within the modified ICIC framework. South African banks will also achieve effective management of cyber risks through the ICIC framework. , M.Com. (Computer Auditing)
- Full Text:
- Authors: Koto, Caroline
- Date: 2019
- Subjects: Computer crimes , Cyberspace - Security measures , Business - Data processing - Security measures , Business enterprises - Computer networks - Security measures , Risk management , Banks and banking - South Africa
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/403209 , uj:33776
- Description: Abstract : Information technology (IT) has proven to be critical in the operation of businesses today. The banking industry is one of the industries that are most reliant on IT. The banking industry has enjoyed greater efficiency and effectiveness in their operations owing to the widespread use of IT. However, due to IT and continuous technological advancements, new threats such as cyber risk have surfaced, and the banking industry has experienced the most cybercrime incidents. In addition to the banking industry being the most targeted by cyber-criminals, cybercrime incidents have detrimental impacts on the industry. As a result, it is crucial for banks to employ effective cyber risk management processes. The South African banking industry is required by the South African Reserve Bank (SARB) to align their cyber risk management processes to the cyber resilience guidance document issued by the Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO). The CPMI–IOSCO cyber resilience guidance contains guidelines that should be addressed within a bank’s cyber risk management framework. This study seeks to establish whether the Improving Critical Infrastructure Cybersecurity (ICIC) framework addresses the guidelines contained in the CPMI–IOSCO cyber resilience guidance. The ICIC framework is effective for managing cyber risk and allows an organisation to modify it to suit its specific needs and objectives. The objective of the study is to recommend to the South African banking industry, a framework for managing cyber risks that is effective and that addresses the CPMI–IOSCO cyber resilience guidelines. The results were gathered by analysing the ICIC framework and mapping it against the CPMI–IOSCO cyber resilience guidelines. The results revealed that the ICIC framework addresses up to 71 percent of the CPMI –IOSCO cyber resilience guidelines. The study therefore recommends that instead of building a new cyber risk management framework, the South African banking industry should adopt the ICIC framework and modify it by adding the 29 percent of the CPMI –IOSCO cyber resilience guidelines not addressed by the ICIC framework. All the guidelines contained in the CPMI–IOSCO cyber resilience guidance will then be addressed within the modified ICIC framework. South African banks will also achieve effective management of cyber risks through the ICIC framework. , M.Com. (Computer Auditing)
- Full Text:
An integrated approach to disaster risk management
- Authors: Baloyi, Vukosi Thomas
- Date: 2018
- Subjects: Disasters - Risk assessment , Emergency management , Risk management , Hazard mitigation
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/293845 , uj:31960
- Description: M.Ing. (Engineering Management) , Abstract: Even in developed countries, natural hazards triggers major disasters. It gets worse in developing countries, where natural hazards building codes and standards are not integrated from planning phases when constructing structures. With sustainable development under threat from the impact of disasters, urgent need to strengthen capacity for the realization and management of community and constructed structural resilience is critical. With the World facing disaster challenge, this research seeks to research, identify, and recommend an implementable Disaster Risk Management (DRM) Best Practice (DRMBP) with the objective to substantially reduce disaster risk. The endless occurrences of natural disasters throughout the World motivate the significant shift from disaster management to DRM. DRM aims to substantially minimize the loss of human lives and economy by mitigating potential damages from disasters. While disasters are inevitable; through preparedness and mitigation measures, their rising devastating impact can be reduced. Promotion and support of science and technology-based methodologies to bridge technology gap in order to build effective DRM processes that can substantially reduce the loss of lives and economy is necessary. Currently, it is of concern that disaster losses are on the rise while science and engineering inspired systems, devices, and processes designed for mitigation impact from disasters are operational. The Sendai Framework for Disaster Risk Reduction (2015-2030) (SFDRR) emphasize the four Priorities for Actions to reducing the losses and damages and ensure the building of resilience. To realize these, SFDRR recommend amongst many parameters technological measures for intervention in order to increase preparedness level (including early warning systems and evacuation plans) and prevention of new and existing disaster risk. The disruptive technologies of Industry 4.0, the Internet of Things (IoT), is encouraging innovation in different sectors. This Information and Communication Technology (ICT) solution has completely reinvented, transformed, and addressed most challenges faced in the World. Considered a technology breakthrough as regarded as an industrial revolution; IoT enables the transformation of an ordinary device to a smart Thing. While ordinary device remains working in silos and depend on human interaction, IoT infrastructure establish an interoperability environment where smart Things communicate and constitute real-time decision analytics...
- Full Text:
- Authors: Baloyi, Vukosi Thomas
- Date: 2018
- Subjects: Disasters - Risk assessment , Emergency management , Risk management , Hazard mitigation
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/293845 , uj:31960
- Description: M.Ing. (Engineering Management) , Abstract: Even in developed countries, natural hazards triggers major disasters. It gets worse in developing countries, where natural hazards building codes and standards are not integrated from planning phases when constructing structures. With sustainable development under threat from the impact of disasters, urgent need to strengthen capacity for the realization and management of community and constructed structural resilience is critical. With the World facing disaster challenge, this research seeks to research, identify, and recommend an implementable Disaster Risk Management (DRM) Best Practice (DRMBP) with the objective to substantially reduce disaster risk. The endless occurrences of natural disasters throughout the World motivate the significant shift from disaster management to DRM. DRM aims to substantially minimize the loss of human lives and economy by mitigating potential damages from disasters. While disasters are inevitable; through preparedness and mitigation measures, their rising devastating impact can be reduced. Promotion and support of science and technology-based methodologies to bridge technology gap in order to build effective DRM processes that can substantially reduce the loss of lives and economy is necessary. Currently, it is of concern that disaster losses are on the rise while science and engineering inspired systems, devices, and processes designed for mitigation impact from disasters are operational. The Sendai Framework for Disaster Risk Reduction (2015-2030) (SFDRR) emphasize the four Priorities for Actions to reducing the losses and damages and ensure the building of resilience. To realize these, SFDRR recommend amongst many parameters technological measures for intervention in order to increase preparedness level (including early warning systems and evacuation plans) and prevention of new and existing disaster risk. The disruptive technologies of Industry 4.0, the Internet of Things (IoT), is encouraging innovation in different sectors. This Information and Communication Technology (ICT) solution has completely reinvented, transformed, and addressed most challenges faced in the World. Considered a technology breakthrough as regarded as an industrial revolution; IoT enables the transformation of an ordinary device to a smart Thing. While ordinary device remains working in silos and depend on human interaction, IoT infrastructure establish an interoperability environment where smart Things communicate and constitute real-time decision analytics...
- Full Text:
Investigating the factors, risks and challenges impacting cloud computing services adoption rate across all the sectors
- Authors: Shisane, Fanie
- Date: 2018
- Subjects: Cloud computing , Cloud computing - Management , Risk management
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/286053 , uj:30946
- Description: M.Phil. (Engineering Management) , Abstract: It is anticipated that in the next five years almost all aspects or services of Information Technology (IT) will definitely be dynamic, movable, and interactive. This refers to data accessibility, workload, and all other computing needs including resources. IT companies and organizations will be migrating IT infrastructure, services, data, and software applications to Cloud services rapidly. Manufacturing and engineering companies will definitely seek to optimize their Information Technology (IT) environments and reduce high operational costs by adopting Cloud computing services at a rapid rate. Moreover, it is projected that customers and end users will store and access hundreds of gigabytes of data. Cloud computing is considered to be the best recent technology invention to fast track this gap. Cloud services provide efficient IT services and facilitate on-demand access to shared pools of various computing resources. As a result of these profound changes, all aspects of traditional Information Security (IS), control standards and performance will be challenged, especially engineering systems (Manufacturing, electronic, electrical, and control), engineering services, engineering processes, legacy applications and on–premises systems. Furthermore, there are factors and risks impacting Cloud computing services adoption rate that needs to be considered rigorously. The primary objective of the study mainly focuses on investigating the factors affecting Cloud computing adoption rate and risks associated with Cloud computing services adoption across board including engineering and manufacturing sectors or domains. Furthermore, the study assesses the impact this has on Information Technology (IT) services, engineering systems (Manufacturing, electronic, electrical and control), process instrumentation and engineering services. The study begins by introducing Cloud computing concept, and provides the background of Cloud computing. Secondly, it introduces the research problem, objectives and maps the dissertation outline. In line with the main objective, this research study also reviews existing information security policies, control standards and guidelines that should be adopted to secure IT systems and Cloud services. The study was mainly guided by literature review of previous studies (Peer reviewed articles, books, journals, reports and surveys). Therefore, an extensive systematic literature review research methodology method was applied on research articles that reported on factors affecting adoption of Cloud computing services and the risks impacting Cloud computing implementation to collect and analyse data. Moreover, Cloud computing’s reports prepared by reputable organizations are derived as part of other sources. These reports are then selected and evaluated to determine the current status of Cloud computing adoption and establish factors slowing Cloud adoption rate with an aim to assist potential Cloud services adopters.
- Full Text:
- Authors: Shisane, Fanie
- Date: 2018
- Subjects: Cloud computing , Cloud computing - Management , Risk management
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/286053 , uj:30946
- Description: M.Phil. (Engineering Management) , Abstract: It is anticipated that in the next five years almost all aspects or services of Information Technology (IT) will definitely be dynamic, movable, and interactive. This refers to data accessibility, workload, and all other computing needs including resources. IT companies and organizations will be migrating IT infrastructure, services, data, and software applications to Cloud services rapidly. Manufacturing and engineering companies will definitely seek to optimize their Information Technology (IT) environments and reduce high operational costs by adopting Cloud computing services at a rapid rate. Moreover, it is projected that customers and end users will store and access hundreds of gigabytes of data. Cloud computing is considered to be the best recent technology invention to fast track this gap. Cloud services provide efficient IT services and facilitate on-demand access to shared pools of various computing resources. As a result of these profound changes, all aspects of traditional Information Security (IS), control standards and performance will be challenged, especially engineering systems (Manufacturing, electronic, electrical, and control), engineering services, engineering processes, legacy applications and on–premises systems. Furthermore, there are factors and risks impacting Cloud computing services adoption rate that needs to be considered rigorously. The primary objective of the study mainly focuses on investigating the factors affecting Cloud computing adoption rate and risks associated with Cloud computing services adoption across board including engineering and manufacturing sectors or domains. Furthermore, the study assesses the impact this has on Information Technology (IT) services, engineering systems (Manufacturing, electronic, electrical and control), process instrumentation and engineering services. The study begins by introducing Cloud computing concept, and provides the background of Cloud computing. Secondly, it introduces the research problem, objectives and maps the dissertation outline. In line with the main objective, this research study also reviews existing information security policies, control standards and guidelines that should be adopted to secure IT systems and Cloud services. The study was mainly guided by literature review of previous studies (Peer reviewed articles, books, journals, reports and surveys). Therefore, an extensive systematic literature review research methodology method was applied on research articles that reported on factors affecting adoption of Cloud computing services and the risks impacting Cloud computing implementation to collect and analyse data. Moreover, Cloud computing’s reports prepared by reputable organizations are derived as part of other sources. These reports are then selected and evaluated to determine the current status of Cloud computing adoption and establish factors slowing Cloud adoption rate with an aim to assist potential Cloud services adopters.
- Full Text:
Schedule risk analysis of railway projects using monte-carlo simulation
- Authors: Mabeba, Motlatso
- Date: 2018
- Subjects: Risk management , Railroads - Management , Monte Carlo method
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/286098 , uj:30951
- Description: M.Ing. (Engineering Management) , Abstract: Railways have been used throughout history for the transportation of goods. Even though the inception of rail improved civilization, due to its inefficiencies, road transport is dominating the freight and logistics industry. Company A, which has the largest market share in rail has embarked on projects in an attempt to improve rail efficiencies by moving more volumes of freight timeously. Most of the projects of Company A have failed largely due to the poor planning of the projects in the feasibility stages. Most of the planning schedules are overoptimistic and thus unreliable. The scope of this study is to investigate the way in which planning schedules of Company A are developed by undertaking a schedule risk analysis and using Monte Carlo simulation to validate the schedule. If projects of Company A can be planned better, using schedule risk analysis, projects can become more successful in terms of delivering projects on time and then execute the projects on time.
- Full Text:
- Authors: Mabeba, Motlatso
- Date: 2018
- Subjects: Risk management , Railroads - Management , Monte Carlo method
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/286098 , uj:30951
- Description: M.Ing. (Engineering Management) , Abstract: Railways have been used throughout history for the transportation of goods. Even though the inception of rail improved civilization, due to its inefficiencies, road transport is dominating the freight and logistics industry. Company A, which has the largest market share in rail has embarked on projects in an attempt to improve rail efficiencies by moving more volumes of freight timeously. Most of the projects of Company A have failed largely due to the poor planning of the projects in the feasibility stages. Most of the planning schedules are overoptimistic and thus unreliable. The scope of this study is to investigate the way in which planning schedules of Company A are developed by undertaking a schedule risk analysis and using Monte Carlo simulation to validate the schedule. If projects of Company A can be planned better, using schedule risk analysis, projects can become more successful in terms of delivering projects on time and then execute the projects on time.
- Full Text:
Supply chain performance and customer service in the mining explosives industry
- Buthelezi, Thandeka Zamashenge
- Authors: Buthelezi, Thandeka Zamashenge
- Date: 2018
- Subjects: Business logistics , Risk management , Customer services , Explosives industry , Consumer satisfaction
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/292134 , uj:31742
- Description: Abstract: In the mining industry that is plagued with increased competition and low profitability, gaining a competitive advantage is a mammoth task as the mining customers are faced with decreasing profit margins due to declining commodity prices and increases in critical cost drivers. Thus, there has been increased focus on more profitable production, which has meant an increased focus on a reliable supply of cost effective input materials such as explosives. Therefore, an explosives supplier should aim to offer a product and service which will optimise the mine’s costs. However, there is limited competitive advantage that can be derived from cost strategies (Naoui, 2014), thus many have opted to look for differentiation strategies through enhanced customer experience (Gonzalez, 2017). This research is aimed at investigating how the supply chain performance of an explosives supplier affects the quality of service rendered to mining customers. The study is also aimed at determining what supply chain risk mitigation strategies can be used to improve the performance of the supply chain and the customer service thereafter. The research hypothesis is that “Supply chain risk management leads to a positive customer service experience” The hypothesis was to be proved by showing the effective management of supply chain risk increased supply chain performance which leads to an improvement in customer service experience. The research was conducted using a single method qualitative approach, where the qualitative primary data was derived from interviews with personnel from four distinct groupings within the explosives supply chain, which consisted of production and supply chain personnel, sales representative and customers. The interviews were aimed at determining the critical customer service attributes that represented the various service quality elements that the customers deem important to their business performance. The reader will benefit from the research as it highlights the risks that are inherent in the supply chain and shows how these risks can be mitigated with the implementation of supply chain performance measures to drive improved customer service experience. It provides insights into how to ensure improved customer service in stringent, highly regulated, supply chains and ultimately achieve competitive advantage. , M.Com. (Business Management)
- Full Text:
- Authors: Buthelezi, Thandeka Zamashenge
- Date: 2018
- Subjects: Business logistics , Risk management , Customer services , Explosives industry , Consumer satisfaction
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/292134 , uj:31742
- Description: Abstract: In the mining industry that is plagued with increased competition and low profitability, gaining a competitive advantage is a mammoth task as the mining customers are faced with decreasing profit margins due to declining commodity prices and increases in critical cost drivers. Thus, there has been increased focus on more profitable production, which has meant an increased focus on a reliable supply of cost effective input materials such as explosives. Therefore, an explosives supplier should aim to offer a product and service which will optimise the mine’s costs. However, there is limited competitive advantage that can be derived from cost strategies (Naoui, 2014), thus many have opted to look for differentiation strategies through enhanced customer experience (Gonzalez, 2017). This research is aimed at investigating how the supply chain performance of an explosives supplier affects the quality of service rendered to mining customers. The study is also aimed at determining what supply chain risk mitigation strategies can be used to improve the performance of the supply chain and the customer service thereafter. The research hypothesis is that “Supply chain risk management leads to a positive customer service experience” The hypothesis was to be proved by showing the effective management of supply chain risk increased supply chain performance which leads to an improvement in customer service experience. The research was conducted using a single method qualitative approach, where the qualitative primary data was derived from interviews with personnel from four distinct groupings within the explosives supply chain, which consisted of production and supply chain personnel, sales representative and customers. The interviews were aimed at determining the critical customer service attributes that represented the various service quality elements that the customers deem important to their business performance. The reader will benefit from the research as it highlights the risks that are inherent in the supply chain and shows how these risks can be mitigated with the implementation of supply chain performance measures to drive improved customer service experience. It provides insights into how to ensure improved customer service in stringent, highly regulated, supply chains and ultimately achieve competitive advantage. , M.Com. (Business Management)
- Full Text:
The importance of project risk management process in Information Technology projects
- Authors: Mtshali, Sophie Nomusa
- Date: 2018
- Subjects: Project management , Risk management , Information technology - Risk management
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/272610 , uj:29028
- Description: M.Com. (Business Management) , Abstract: Risk management has increasingly become a crucial aspect of project success in the Information Technology industry. Risks are no longer seen from the narrow perspective of physical harm; but the narrative has evolved to include unforeseen circumstances and effects on all stakeholders and planned outputs of the project. In financial terms, it was reported that 13.8 billion SA Rands were lost to failed projects in 2011. In light of the aforementioned, this research focuses on Project Risk Management (PRM) and how it can help reduce and better manage risks inherent in all project works. Since it is expected that effective project risk management (PRM) seeks to minimize the risks inherent to projects in order for the project manager to make better-informed decisions, which will contribute to overall project success, this research asks the fundamental question: ‘is there any positive relationship between PRM and project success in the IT industry?’ To answer the research question, this study takes a pragmatic approach using the quantitative method of data collection. Surveys were distributed among 100 project managers and coordinators within the IT environment in South Africa, 65 valid responses were received. Descriptive analysis was conducted on the findings and the results are presented in themes according to the objectives of the study. One of the research conclusion is that the most significant factors limiting the use of PRM methodologies with the respondents is not organisational culture as expected, rather ‘lack of subject matter expertise in project management’ on the part of the project managers. It was ultimately concluded that there is a strong relationship between PRM and project success. If risks can be reduced in a project, the chances of success increases. Lastly, it was seen that within the scope of the research, PRM has a positive impact with project being completed on schedule (or earlier) and within or below budget. The research is however not without its own inherent limitations; one of which is the fact that the study is a once-off experience and cannot envisage changes in the IT project success while using different project management strategies. A longitudinal study would have helped prevent against this.
- Full Text:
- Authors: Mtshali, Sophie Nomusa
- Date: 2018
- Subjects: Project management , Risk management , Information technology - Risk management
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/272610 , uj:29028
- Description: M.Com. (Business Management) , Abstract: Risk management has increasingly become a crucial aspect of project success in the Information Technology industry. Risks are no longer seen from the narrow perspective of physical harm; but the narrative has evolved to include unforeseen circumstances and effects on all stakeholders and planned outputs of the project. In financial terms, it was reported that 13.8 billion SA Rands were lost to failed projects in 2011. In light of the aforementioned, this research focuses on Project Risk Management (PRM) and how it can help reduce and better manage risks inherent in all project works. Since it is expected that effective project risk management (PRM) seeks to minimize the risks inherent to projects in order for the project manager to make better-informed decisions, which will contribute to overall project success, this research asks the fundamental question: ‘is there any positive relationship between PRM and project success in the IT industry?’ To answer the research question, this study takes a pragmatic approach using the quantitative method of data collection. Surveys were distributed among 100 project managers and coordinators within the IT environment in South Africa, 65 valid responses were received. Descriptive analysis was conducted on the findings and the results are presented in themes according to the objectives of the study. One of the research conclusion is that the most significant factors limiting the use of PRM methodologies with the respondents is not organisational culture as expected, rather ‘lack of subject matter expertise in project management’ on the part of the project managers. It was ultimately concluded that there is a strong relationship between PRM and project success. If risks can be reduced in a project, the chances of success increases. Lastly, it was seen that within the scope of the research, PRM has a positive impact with project being completed on schedule (or earlier) and within or below budget. The research is however not without its own inherent limitations; one of which is the fact that the study is a once-off experience and cannot envisage changes in the IT project success while using different project management strategies. A longitudinal study would have helped prevent against this.
- Full Text:
Risk management best practices in the Department of Trade and Industry
- Authors: Joel, Carmen
- Date: 2016
- Subjects: Risk management , Corporate governance
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/225695 , uj:22801
- Description: M.A. , Abstract: This study focused on best practice risk management frameworks (RMFs) for the sustainable implementation of risk management in the public sector, with specific reference to the role of the Department of Trade and Industry (dti). Risk management entails resources, planning, arranging, and controlling to reduce the impact of possible risks to a manageable level. The main research question addressed by this study is: What is the nature of the risk management process and which practical actions can be taken to improve risk management in the dti in order to ensure sustainable service delivery? The goal of this best practice approach to risk management as a higher-order management function is to create an industry that will reflect on how events may influence organisational objectives through the process of identifying, assessing reducing, eliminating or mitigating and monitoring the impact and likelihood of actual or prospective risks through implementing new or improved assessment practices and internal controls. As organisations increasingly focus on establishing or maturing their risk management applications, risk managers experience a range of challenges – from the start of the risk management process to ensure that the right decisions and processes are carried out, to managing the complex involvement of many different functional stakeholders to fulfil an organisation’s mission, achieve its objectives, and to add value. Many of the problems encountered while establishing or maturing a risk management approach can be prevented by using a sound risk management methodology and by compliance with the regulatory and policy frameworks. This study focused on the improvement of risk management in general and the dti in particular, and made proposals for best practice methodologies and mechanisms for effective and efficient risk management systems to develop resilience against unforeseen risks. The proposed best practice mechanisms can be applied as good governance mechanisms to mitigate risk. A qualitative research methodology was followed, whereby conceptual and documentary content analyses and benchmarking were applied as research techniques. It was based on primary and secondary sources of information which covered a wide spectrum of themes, including core regulatory and policy frameworks, concepts, theories, approaches, and the variables which influence risk management in both international and South African contexts...
- Full Text:
- Authors: Joel, Carmen
- Date: 2016
- Subjects: Risk management , Corporate governance
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/225695 , uj:22801
- Description: M.A. , Abstract: This study focused on best practice risk management frameworks (RMFs) for the sustainable implementation of risk management in the public sector, with specific reference to the role of the Department of Trade and Industry (dti). Risk management entails resources, planning, arranging, and controlling to reduce the impact of possible risks to a manageable level. The main research question addressed by this study is: What is the nature of the risk management process and which practical actions can be taken to improve risk management in the dti in order to ensure sustainable service delivery? The goal of this best practice approach to risk management as a higher-order management function is to create an industry that will reflect on how events may influence organisational objectives through the process of identifying, assessing reducing, eliminating or mitigating and monitoring the impact and likelihood of actual or prospective risks through implementing new or improved assessment practices and internal controls. As organisations increasingly focus on establishing or maturing their risk management applications, risk managers experience a range of challenges – from the start of the risk management process to ensure that the right decisions and processes are carried out, to managing the complex involvement of many different functional stakeholders to fulfil an organisation’s mission, achieve its objectives, and to add value. Many of the problems encountered while establishing or maturing a risk management approach can be prevented by using a sound risk management methodology and by compliance with the regulatory and policy frameworks. This study focused on the improvement of risk management in general and the dti in particular, and made proposals for best practice methodologies and mechanisms for effective and efficient risk management systems to develop resilience against unforeseen risks. The proposed best practice mechanisms can be applied as good governance mechanisms to mitigate risk. A qualitative research methodology was followed, whereby conceptual and documentary content analyses and benchmarking were applied as research techniques. It was based on primary and secondary sources of information which covered a wide spectrum of themes, including core regulatory and policy frameworks, concepts, theories, approaches, and the variables which influence risk management in both international and South African contexts...
- Full Text:
Implementing risk management through change management at the Department of Justice and Constitutional Development
- Authors: Ntsele, Simphiwe
- Date: 2015
- Subjects: Risk management , Change - Management , South Africa. Department of Justice and Constitutional Development
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/124609 , uj:20937
- Description: Abstract: Please refer to full text to view abstract , M.Com. (Business Management)
- Full Text:
- Authors: Ntsele, Simphiwe
- Date: 2015
- Subjects: Risk management , Change - Management , South Africa. Department of Justice and Constitutional Development
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/124609 , uj:20937
- Description: Abstract: Please refer to full text to view abstract , M.Com. (Business Management)
- Full Text:
Risk management : a business enabler or a compliance issue?
- Authors: Wernberg, Duncan
- Date: 2015
- Subjects: Risk management , Strategic planning
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/83403 , uj:19088
- Description: Abstract: Please refer to full text to view abstract , M.Com. (Strategic Management)
- Full Text:
- Authors: Wernberg, Duncan
- Date: 2015
- Subjects: Risk management , Strategic planning
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/83403 , uj:19088
- Description: Abstract: Please refer to full text to view abstract , M.Com. (Strategic Management)
- Full Text:
- «
- ‹
- 1
- ›
- »