Drafting of IT Outsourcing Risk Management Policy Proposal with IT Outsourcing Risk Management Framework and Cobit

https://doi.org/10.61487/jiste.v3i1.130

Authors

  • Afrizal Zein Universitas Pamulang

Keywords:

risk management, outsourcing risk, risk mitigation, COBIT

Abstract

The design of a proposed Information Technology (IT) outsourcing risk management policy is essential in facing the complexity and uncertainty associated with using third-party services. This policy aims to protect organisational assets, ensure operational continuity, and minimise the impact of risks that may arise from outsourcing relationships. In this study, we develop a risk management framework that integrates IT outsourcing risk management principles with the COBIT (Control Objectives for Information and Related Technologies) standard. This framework includes risk identification, analysis, mitigation, and continuous monitoring and evaluation. Through this approach, organisations can improve control and visibility of risks faced in IT outsourcing. The results of this study indicate that implementing a comprehensive risk management policy not only strengthens information security but also improves the effectiveness and efficiency of business processes involving IT outsourcing. Hopefully, this proposed policy can provide practical guidance for organisations in managing risks and maximising the value of IT outsourcing.

References

ISACA. (2020). COBIT 2019 Framework: Introduction and Methodology. ISACA.

Mardiyanto, T., & Susanto, A. (2021). The Role of Risk Management in IT Outsourcing: A Literature Review. Journal of Information Technology Management, 32(1), 15-29.

Abubakar, M., & Rambo, R. (2022). Assessing Risks in IT Outsourcing: A Comparative Study. International Journal of Business Information Systems, 39(4), 275-293.

Houghton, L., & Williams, J. (2023). Integrating Risk Management Frameworks with COBIT: A Practical Approach. Journal of Risk Management in Technology, 12(2), 88-104.

Zainudin, Z. N., & Ibrahim, A. (2021). Managing Outsourcing Risks in the Digital Age: Strategies and Best Practices. Information Systems Journal, 31(3), 345-367.

Toh, M., & Li, L. (2020). A Framework for Effective Risk Management in IT Outsourcing. Journal of Global Information Technology Management, 23(2), 145-162.

Pratama, R. A., & Setiawan, B. (2023). Risk Assessment and Management in IT Outsourcing: A Systematic Review. Journal of Technology Management, 15(1), 55-74.

Kaur, A., & Sharma, S. (2021). Cybersecurity Risks in IT Outsourcing: Implications and Solutions. International Journal of Cybersecurity Intelligence and Cybercrime, 4(2), 45-60.

Haris, M., & Tanjung, B. (2022). Risk Management Practices in IT Outsourcing: A Review of the Literature. International Journal of Information Systems and Project Management, 10(3), 39-54.

Published

2025-03-20

How to Cite

Zein, A. (2025). Drafting of IT Outsourcing Risk Management Policy Proposal with IT Outsourcing Risk Management Framework and Cobit . Journal of Information System, Technology and Engineering, 3(1), 417–421. https://doi.org/10.61487/jiste.v3i1.130

Issue

Vol. 3 No. 1 (2025): JISTE

Section

Articles
Copyright & Licensing

Copyright (c) 2025 Afrizal Zein

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.