Browse by author
Lookup NU author(s): Moneef Almutairi, Dr Stephen RiddleORCiD
Full text for this publication is not currently held within this repository. Alternative links are provided below where available.
© 2018 Association for Computing Machinery. Several firms outsource their IT services partially or totally due to different constraints such as business, financial or legal. Although IT outsourcing has tremendous benefits such as cost reduction, it might expose firms to different security risks including confidentiality, integrity, and availability issues. In this paper, we present the evaluation results for a proposed framework that we developed previously for managing the security and compliance risks of outsourced IT projects. The evaluation is designed to assess several features of the proposed framework. Usefulness, flexibility, simplicity and ease of use as well as achieving a systematic and comprehensive methodology for managing the security and compliance risks of outsourced IT projects are evaluated in this paper. Additionally, we evaluate the usefulness of utilizing project phases and the proposed threat classification approach for identifying and managing security threats in the outsourcing context. Finally, we evaluate the ability of the proposed framework to be applied to any project regardless of project size, cost, or any other constraints.
Author(s): Almutairi M, Riddle S
Publication type: Conference Proceedings (inc. Abstract)
Publication status: Published
Conference Name: ACM International Conference Proceeding Series
Year of Conference: 2018
Pages: 40-44
Online publication date: 04/01/2018
Acceptance date: 04/01/2018
Publisher: Association for Computing Machinery
URL: https://doi.org/10.1145/3178461.3178476
DOI: 10.1145/3178461.3178476
Library holdings: Search Newcastle University Library for this item
ISBN: 9781450354387