ABSTRACT
IT operational risk refers to any threat that could lead to the inappropriate modification, lack of availability, destruction, or theft of IT assets. This paper presents a real-world teaching case study, based upon an actual consulting engagement of risk assurance professionals working at a multinational professional services provider, to bring practical experience with managing IT operational risk into the classroom. Guidance for implementing this teaching case within an Information Systems course is provided. Students may work in teams, assuming the role of consultants, to provide recommendations involving an organization’s IT operational risks in operations, financial reporting, and compliance. Feedback from participating students revealed that the learning objectives of the case were met. These finding confirm that the Global CyberDerma Solutions case is a useful tool to teach students, who will be entering the workplace, about IT operational risks confronting organizations.
Acknowledgments
The authors wish to thank Matthew Bogusch, Director, and Ryan J. Pollock, Senior Manager, both of Deloitte & Touche, LLP, for authoring the case study and for supporting our student case study competition by serving as advisors to our students. Any opinions, findings, and conclusions or recommendations expressed in this paper are those of the authors and do not necessarily reflect the views of the contributors or Deloitte & Touche, LLP.