Please use this identifier to cite or link to this item: https://etd.cput.ac.za/handle/20.500.11838/2535
DC FieldValueLanguage
dc.contributor.advisorDe la Harpe, A.C.EN
dc.contributor.authorBasson, Delton Jade-
dc.date.accessioned2017-09-27T09:45:39Z-
dc.date.available2017-09-27T09:45:39Z-
dc.date.issued2017-
dc.identifier.urihttp://hdl.handle.net/20.500.11838/2535-
dc.descriptionThesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2017.en_US
dc.description.abstractThe balance between the dependency on Information and Communications Technology (ICT) and reducing costs has led to an increase in ICT outsourcing in many organisations. ICT outsourcing has benefits, but organisations have limited knowledge on information security and risks when outsourcing these functions. A lack of information security knowledge or a poor organisational risk culture carries the risk of project failure and security breaches. It is unclear how to manage information risks through the usage of ICT infrastructure risk management when outsourcing ICT projects, and this exposes organisations to ICT security risks. The aim of the study is to explore how a selected transport organisation can manage information risks through the usage of infrastructure risk management when outsourcing ICT projects. Two primary research questions are posed namely, “what information risks does the ICT department manage when outsourcing ICT projects?”, and “how can the ICT department protect their information through the usage of infrastructure risk management against ICT security threats when outsourcing ICT?” To answer these two questions, a study was conducted at a transport organisation in South Africa. A subjective ontological and interpretivist epistemological stance has been adopted and an inductive research approach was followed. The research strategy was a case study. Data for this study was gathered through interviews (17 in total) using semi-structured questionnaires. Data collected were transcribed, summarised, and categorised to provide a clear understanding of the data. For this study, forty findings and eight themes were identified. The themes are ICT outsourcing, information risks, costs, ICT vendor dependency, vendor access and management, risk management, user awareness, and frameworks. Guidelines are proposed, comprising six primary components. The results point to gaps that need to be addressed to ensure that information is protected when outsourcing ICT projects. Measures need to be put in place and communication has to be improved among operating divisions. The findings lead to questions such as, ““how does business create an ICT security culture to ensure that information is protected at all times”, and “does vendor access management really get the necessary attention it requires?” Further studies on human behaviour towards ICT security is needed to ensure the protection of organisations against security risks.en_US
dc.language.isoenen_US
dc.publisherCape Peninsula University of Technologyen_US
dc.rights.urihttp://creativecommons.org/licenses/by-nc-sa/3.0/za/-
dc.subjectInformation technology -- Risk managementen_US
dc.subjectBusiness enterprises -- Computer networks -- Security measuresen_US
dc.subjectInformation technology -- Contracting outen_US
dc.titleManaging infrastructure risks in information communication technology outsourced projects : a case study at Transnet, South Africaen_US
dc.typeThesisen_US
Appears in Collections:Information Technology - Master's Degree
Files in This Item:
File Description SizeFormat 
206006799-Basson-Delton-M.Tech-Information-Technology-FID-2017.pdfThesis3.04 MBAdobe PDFThumbnail
View/Open
Show simple item record

Page view(s)

2,597
Last Week
12
Last month
20
checked on Nov 24, 2024

Download(s)

944
checked on Nov 24, 2024

Google ScholarTM

Check


This item is licensed under a Creative Commons License Creative Commons