Browsing by Author "Rudman, Riaan"

Now showing 1 - 6 of 6
  • Thumbnail Image
    Item
    An integrated framework to implement IT governance principles at a strategic and operational level for medium-to large- sized South African businesses
    (Clute Institute, 2013-07) Goosen, Riana; Rudman, Riaan
    In today’s technologically advanced business environments, Information Technology (IT) has become the center of most, if not all, business activities; consequently, the King III report in South Africa dedicated a chapter to IT governance principles, making senior management responsible for implementing such principles. The King III’s implementation guidance lacks detail as to how to implement its principles. Although various guidelines in the form of IT control frameworks - models and standards - exist, it remains theoretical in nature. Companies tend to view these control frameworks on an individual basis, implementing them in an ad hoc manner, resulting in the implementation of an inefficient IT governance system that either addresses strategic areas, but not operational areas, of a business or vice versa. The purpose of this study is to develop an IT best practices integrated framework that can assist management in implementing an effective IT governance system at both a strategic and operational level. The integrated framework was developed by performing a detailed literature review of selected best practice control frameworks and its underlying processes. By combining the relevant processes of the control frameworks and aligning them to general business’ imperatives, IT governance principles can be implemented at a strategic level. By identifying and linking the relevant business imperatives and control areas to the access paths of an IT system, IT governance principles can be implemented at an operational level. By making use of the integrated framework, an IT governance system can be implemented at both a strategic and operational level.
  • Thumbnail Image
    Item
    Mobile technology risk management
    (Clute Institute, 2016) Sahd, Lize-Marie; Rudman, Riaan
    Mobile technology is fast becoming an indispensable part of consumers’ lives and an essential business tool in improving productivity, streamlining business processes and remaining competitive. The mobile revolution is transforming business operations, but the pervasive nature of mobile technology also introduces new and significant risks into all areas of the businesses. In most businesses, however, the governance of mobile technology and its related risks is often disjointed and implemented in an ad hoc manner, resulting in all risks not being addressed. This lack of appropriate governance policies and procedures is a direct consequence of a lack of understanding of the technology and the speed at which new technologies are developed and adopted. If the risks are not addressed in a comprehensive manner, it could have severe consequences for a business. The objective of this research is to address this problem by using an appropriate control framework, Control Objectives for Information Technology (COBIT), to identify a comprehensive set of internal controls to address mobile technology risks at a governance, management and operational level. The research proposes a comprehensive set of internal controls which can be used by those charged with governance to manage each significant risk arising from the implementation of mobile technology.
  • Thumbnail Image
    Item
    Proposed practices to mitigate significant mobility security risks
    (Clute Institute, 2015-02) Brand, Johanna Catherina; Kruger-Van Renen, Wandi; Rudman, Riaan; School of Accounting
    Enterprise mobility is emerging as a fast-growing trend worldwide. Numerous risks originate from using mobile devices for business-related tasks and most of these risks pose a significant security threat to organisations’ information. Information Technology (IT) governance frameworks can provide guidance in managing these risks at a strategic level, but these frameworks do not effectively govern on a technical operational level. Implementation of these frameworks may also be inefficient, as they are generic and do not necessarily cover all the risks relating to a specific technology. This study provides organisations with guidance on how to govern these enterprise mobility security risks in an effective manner at both a strategic and an operational level. Using three IT governance frameworks, this study identified 12 practices that companies can employ to mitigate significant mobility security risks.
  • Thumbnail Image
    Item
    Strategic alignment of application software packages and business processes using PRINCE2
    (Clute Institute, 2013-10) Kruger, Wandi; Rudman, Riaan
    Numerous factors exist that may contribute to the unsuccessful completion of application software package implementation projects. The most significant contributor to application software package project failure lies in the misalignment of the organisation’s business processes with the functionality of the application software package. While various IT control frameworks that may assist in the implementation of application software packages are available, the question arises why industry still reports that the success rate of application software package implementation projects remains low. The purpose of this study was to examine the extent to which the Projects in Controlled Environment (PRINCE2) framework assists in the alignment of the organisation’s business processes with the functionality provided by the application software package implemented. This study investigated whether PRINCE2 addresses all the reasons for project failure. It identifies the shortcomings and weaknesses in PRINCE2 which may contribute to the misalignment between the business processes of the organisation and the functionality of the application software package implemented. The study recommends how these weaknesses identified in PRINCE2 can be addressed. By taking these recommendations into account when using PRINCE2 to implement application software packages, proper alignment between the organisation’s business processes and the functionality of the application software package may be achieved. This results in a more successful application software package implementation.
  • Thumbnail Image
    Item
    Using a group work project as an educational tool in management accounting education
    (Clute Institute, 2014-05) Rudman, Riaan; Kruger, Wandi
    Having pervasive skills is becoming more important to employers as well as to professional bodies and associations. Consequently, the ability to work in groups is regarded as an essential skill. Although working in groups is found to heighten the performance of students and lead to the development of various pervasive skills, group work still forms a very small part of most South African tertiary education teaching frameworks. As a consequence, most professional bodies have updated their competency models and syllabuses they prescribe to tertiary institutions. In response to this development, the Department of Accounting at Stellenbosch University in South Africa has developed a management accounting project requiring students to prepare a business plan for a new business venture while working in groups, giving consideration to the skills they believe they should develop. A questionnaire was created to investigate students’ perceptions of group work. Responses were favourable with the majority of respondents being of the opinion that the ability to work in groups is an important skill to develop while at university before commencing their professional careers. The study highlighted some obstacles which need to be considered in developing a project requiring group work. The main constraints appear to be group selection, group size, group management and assessing group work and time.
  • Thumbnail Image
    Item
    Web 3.0 : governance, risks and safeguards
    (The Clute Institute, 2015-06) Bruwer, Hendrik Jacobus; Rudman, Riaan
    Many organisations consider technology as a significant asset to generate income and control cost. The Web is recognised as the fastest growing publication medium of all time. This mass of unstructured information presents many new opportunities for organisations. The Web acts as an enabler for technological advancement, and has matured in its own unique way. From the static informative characteristics of Web 1.0, it progressed into the interactive experience Web 2.0 provides. The next phase of Web evolution, Web 3.0, is already in progress. Web 3.0 entails an integrated Web experience where the machine will be able to understand and catalogue data in a manner similar to humans. This will facilitate a world wide data warehouse where any format of data can be shared and understood by any device over any network. Organisations need to be ready, and acquire knowledge about the opportunities and risks arising from Web 3.0 technologies. The objective of this study is to investigate the risks an organisation will be exposed to when interacting with Web 3.0 technologies. The study proposes to provide insight into the risks arising from the use of Web 3.0, and to recommend possible safeguards to mitigate these risks to an acceptable level.