Toggle Main Menu Toggle Search

Open Access padlockePrints

A framework for managing security risks of outsourced it projects: An empirical study

Lookup NU author(s): Moneef Almutairi, Dr Stephen RiddleORCiD


Full text for this publication is not currently held within this repository. Alternative links are provided below where available.


© 2018 Association for Computing Machinery. Several firms outsource their IT services partially or totally due to different constraints such as business, financial or legal. Although IT outsourcing has tremendous benefits such as cost reduction, it might expose firms to different security risks including confidentiality, integrity, and availability issues. In this paper, we present the evaluation results for a proposed framework that we developed previously for managing the security and compliance risks of outsourced IT projects. The evaluation is designed to assess several features of the proposed framework. Usefulness, flexibility, simplicity and ease of use as well as achieving a systematic and comprehensive methodology for managing the security and compliance risks of outsourced IT projects are evaluated in this paper. Additionally, we evaluate the usefulness of utilizing project phases and the proposed threat classification approach for identifying and managing security threats in the outsourcing context. Finally, we evaluate the ability of the proposed framework to be applied to any project regardless of project size, cost, or any other constraints.

Publication metadata

Author(s): Almutairi M, Riddle S

Publication type: Conference Proceedings (inc. Abstract)

Publication status: Published

Conference Name: ACM International Conference Proceeding Series

Year of Conference: 2018

Pages: 40-44

Online publication date: 04/01/2018

Acceptance date: 04/01/2018

Publisher: Association for Computing Machinery


DOI: 10.1145/3178461.3178476

Library holdings: Search Newcastle University Library for this item

ISBN: 9781450354387