Evaluating the Risk Management Plan and Addressing Factors for Successes in Government Agencies

This study evaluates the current series of events relating that information and data security and familiarity with our practices have not helped in securing our systems as predicted. Though we have made progress recently, lots of security breaches to data still occur that seem preventable. The past incidents do not seem to prepare us to respond to the next adequately. This study suggests the prospective reasons for the challenges involved in creating a Risk Management Plan (RMP), examines the importance of the plan as well as the factors responsible for their successes in government agencies. Many organizations often relegate to the background, the need for risk management plans although it is one of the most important success factors in organizational development. Creating a risk management policy in the government requires special skill because all the stakeholders will be involved to direct and approve the final draft. The Risk Management Plan is the working document of the organization that details how the organization intends to develop, test, remediate and implement risk management plans within the organization.

[1]  Anil Nair,et al.  Enterprise Risk Management: Review, Critique, and Research Directions , 2014 .

[2]  Sean B. Maynard,et al.  Information security strategies: towards an organizational multi-strategy perspective , 2014, J. Intell. Manuf..

[3]  Issam Kouatli,et al.  A comparative study of the evolution of vulnerabilities in IT systems and its relation to the new concept of cloud computing , 2014 .

[4]  Sven Laumer,et al.  Research on information systems failures and successes: Status update and future directions , 2014, Information Systems Frontiers.

[5]  Filippo Vitolla,et al.  Corporate governance and the information system: how a framework for IT governance supports ERM , 2014 .

[6]  Jean-Noël Ezingeard,et al.  Perception of risk and the strategic impact of existing IT on information security strategy at board level , 2007, Online Inf. Rev..

[7]  Stefan Fenz,et al.  Current challenges in information security risk management , 2014, Inf. Manag. Comput. Secur..

[8]  Theodore Tryfonas,et al.  From risk analysis to effective security management: towards an automated approach , 2004, Inf. Manag. Comput. Secur..

[9]  M. Young The technical writer's handbook : writing with style and clarity , 1989 .

[10]  Cormac Herley Security, cybercrime, and scale , 2014, Commun. ACM.

[11]  Mahmood Hussain Shah,et al.  Information security management needs more holistic approach: A literature review , 2016, Int. J. Inf. Manag..

[12]  Dilanthi Amaratunga,et al.  Managing disaster knowledge: identification of knowledge factors and challenges , 2012 .

[13]  Georg Disterer,et al.  ISO/IEC 27000, 27001 and 27002 for Information Security Management , 2013 .

[14]  Marthie Grobler,et al.  Towards a Cyber security aware rural community , 2011, ISSA.

[15]  Wei-Hsiu Weng,et al.  Development Trends and Strategy Planning in Big Data Industry , 2014 .

[16]  Mo Adam Mahmood,et al.  Employees' adherence to information security policies: An exploratory field study , 2014, Inf. Manag..

[17]  Julia H. Allen,et al.  Characteristics of Effective Security Governance 1 , 2007 .

[18]  Susan P. Williams,et al.  Information Security Governance: Investigating Diversity in Critical Infrastructure Organizations , 2012, Bled eConference.

[19]  Detmar W. Straub,et al.  Coping With Systems Risk: Security Planning Models for Management Decision Making , 1998, MIS Q..

[20]  Gavriel Salvendy,et al.  Factors affecting perception of information security and their impacts on IT adoption and security practices , 2011, Int. J. Hum. Comput. Stud..

[21]  Dan Craigen,et al.  Defining Cybersecurity , 2014 .