IT risk management disclosure in the integrated reports of the Top 40 listed companies on the JSE Limited
- Authors: Hohls-du Preez, Covanni
- Date: 2016
- Subjects: Information technology - Risk management , Information technology - Security measures , Financial risk management , Auditing - Data processing
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/245826 , uj:25469
- Description: M.Com. (Computer Auditing) , Abstract: Information Technology (IT) has become an integral part of virtually all modern day organisations. The advent of IT has given rise to numerous benefits which increase productivity and efficiency in the workplace, however, IT also brings with it significant risks that can have an impact on an organisation’s ability to function as a going concern. Organisations, especially those listed on the Johannesburg Stock Exchange (JSE), are required to submit an Integrated Report (IR) on an annual basis in which they indicate how they used the resources at their disposal to create value for the organisation and its stakeholders during the year under review. The IR is also a forward-looking document, as opposed to the traditional, backward-looking reports. The purpose of this study is to analyse the Integrated Reports of the Top 40 listed organisations on the JSE and determine the extent to which IT risks are disclosed in their IR and whether the way these risks are managed is also included in the IR as required by the IR Framework. This is done by means of an empirical study consisting of a content analysis of the IRs of the Top 40 listed companies on the JSE. The results of the analysis indicate that more than half of the companies in the sample included IT risk as part of their material risks and outlined appropriate and detailed processes that are followed by the company to manage those IT risks.
- Full Text:
- Authors: Hohls-du Preez, Covanni
- Date: 2016
- Subjects: Information technology - Risk management , Information technology - Security measures , Financial risk management , Auditing - Data processing
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/245826 , uj:25469
- Description: M.Com. (Computer Auditing) , Abstract: Information Technology (IT) has become an integral part of virtually all modern day organisations. The advent of IT has given rise to numerous benefits which increase productivity and efficiency in the workplace, however, IT also brings with it significant risks that can have an impact on an organisation’s ability to function as a going concern. Organisations, especially those listed on the Johannesburg Stock Exchange (JSE), are required to submit an Integrated Report (IR) on an annual basis in which they indicate how they used the resources at their disposal to create value for the organisation and its stakeholders during the year under review. The IR is also a forward-looking document, as opposed to the traditional, backward-looking reports. The purpose of this study is to analyse the Integrated Reports of the Top 40 listed organisations on the JSE and determine the extent to which IT risks are disclosed in their IR and whether the way these risks are managed is also included in the IR as required by the IR Framework. This is done by means of an empirical study consisting of a content analysis of the IRs of the Top 40 listed companies on the JSE. The results of the analysis indicate that more than half of the companies in the sample included IT risk as part of their material risks and outlined appropriate and detailed processes that are followed by the company to manage those IT risks.
- Full Text:
The role of information technology (IT) in the risk management of businesses in South Africa
- Authors: Schutte, Belinda
- Date: 2017
- Subjects: Risk management - South Africa , Information technology - South Africa , Auditing - Data processing , Information technology - Security measures - South Africa
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/245943 , uj:25485
- Description: M.Com. , Abstract: Information Technology (hereafter IT) is an ever changing discipline and has dramatically changed the way in which businesses operate today. The IT systems that organisations use within their business operations give rise to IT risks that can affect the organisation. Because of these IT risks, organisations now have to make certain that IT is incorporated into the risk management process within an organisation to ensure that there are mitigation strategies in place to mitigate these risks. Organisations should fully understand the role that IT will play in the risk management process to make sure the benefits linked to incorporating IT into this process are enjoyed. The study investigated the role of IT in the risk management process of businesses in South Africa by conducting a comprehensive literature study on the risk management process of businesses and establishing how IT is incorporated into the organisations risk management process. The literature study focused on the type of IT risks and threats affecting organisations, the principles of IT governance and the governance of risk in terms of the King III Code on Corporate Governance. The literature study was performed by researching and reading relevant sources to obtain evidence on risk, IT and risk management to support the objectives of the study. The study used content analysis to comprise an empirical study on the Top 40 Johannesburg Securities Exchange (hereafter JSE) listed companies' integrated reports. The content analysis specifically focused on the disclosure of IT in the risk management process. The content analysis was performed by using a control sheet that contained specific questions regarding what the company had disclosed regarding IT, risks and risk management. The study found that the companies are mitigating IT related risks and have included IT into the risk management process. The results also found that the awareness around IT risks might be industry driven, as companies operating in an IT driven industry are more likely to be exposed to IT risk than non-industrial companies are. The integrated reports disclosed that the governance of risk and IT governance are two principles that the majority of the companies take seriously and are therefore implementing.
- Full Text:
- Authors: Schutte, Belinda
- Date: 2017
- Subjects: Risk management - South Africa , Information technology - South Africa , Auditing - Data processing , Information technology - Security measures - South Africa
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/245943 , uj:25485
- Description: M.Com. , Abstract: Information Technology (hereafter IT) is an ever changing discipline and has dramatically changed the way in which businesses operate today. The IT systems that organisations use within their business operations give rise to IT risks that can affect the organisation. Because of these IT risks, organisations now have to make certain that IT is incorporated into the risk management process within an organisation to ensure that there are mitigation strategies in place to mitigate these risks. Organisations should fully understand the role that IT will play in the risk management process to make sure the benefits linked to incorporating IT into this process are enjoyed. The study investigated the role of IT in the risk management process of businesses in South Africa by conducting a comprehensive literature study on the risk management process of businesses and establishing how IT is incorporated into the organisations risk management process. The literature study focused on the type of IT risks and threats affecting organisations, the principles of IT governance and the governance of risk in terms of the King III Code on Corporate Governance. The literature study was performed by researching and reading relevant sources to obtain evidence on risk, IT and risk management to support the objectives of the study. The study used content analysis to comprise an empirical study on the Top 40 Johannesburg Securities Exchange (hereafter JSE) listed companies' integrated reports. The content analysis specifically focused on the disclosure of IT in the risk management process. The content analysis was performed by using a control sheet that contained specific questions regarding what the company had disclosed regarding IT, risks and risk management. The study found that the companies are mitigating IT related risks and have included IT into the risk management process. The results also found that the awareness around IT risks might be industry driven, as companies operating in an IT driven industry are more likely to be exposed to IT risk than non-industrial companies are. The integrated reports disclosed that the governance of risk and IT governance are two principles that the majority of the companies take seriously and are therefore implementing.
- Full Text:
- «
- ‹
- 1
- ›
- »