References
- Basel Committee on Banking Supervision (BCBS). Basel committee on banking supervision basel III: finalising post-crisis reforms; 2017 Dec [accessed 2019 May 25]. https://www.bis.org/bcbs/publ/d424.pdf.
- Benaroch M, Chernobai A, Goldstein J. An internal control perspective on the market value consequences of IT operational risk events. Int J Acc Inf Syst. 2012;13(August):357–81. doi:10.1016/j.accinf.2012.03.001.
- Sturm P. Operational and reputational risk in the European banking industry: the market reaction to operational risk events. J Econ Behav Organ. 2013;85:191–206. doi:10.1016/j.jebo.2012.04.005.
- Gillet R, Hübner G, Plunus S. Operational risk and reputation in the financial industry. J Banking Finance. 2010;34:224–35. doi:10.1016/j.jbankfin.2009.07.020.
- World Economic Forum. The global risk report 2019a; 2019 Jan 15 [accessed 2019 May 22]. https://www.weforum.org/reports/the-global-risks-report-2019.
- Goldstein J, Chernobai A, Benaroch M. An event study analysis of the economic impact of IT operational risk and its subcategories. J Assoc Inf Syst. 2011;12(9):Article1. doi:10.17705/1jais.00275.
- Bauer S A literature review on operational IT risks and regulations of institutions in the financial service sector. International Conference on Information Resource Management 2012; Vienna, Austria. p. 1–14. [accessed 2019 May 25]. https://pdfs.semanticscholar.org/bd61/0013b7cd28fd9b06b1d17c10b7207419f2a3.pdf.
- Kuhn JR, Morris B. IT internal control weaknesses and the market value of firms. J Enterp Inf Manage. 2017;30(6):964–86. doi:10.1108/JEIM-02-2016-0053.
- Hsu C, Backhouse J, Silva L. Institutionalizing operational risk management: an empirical study. Int J Inf Technol. 2014;29(1):59–72. doi:10.1057/jit.2013.15.
- Bauer S, Bernroider EWN. IT operational risk awareness building in banking companies: A preliminary research design highlighting the importance of risk cultures and control systems. CONF-IRM Proceedings. 2013;56.
- Recruiter.com. Career outlook for risk management Specialists. Recruiter; 2019 [accessed 2019 May 25]. https://www.recruiter.com/careers/risk-management-specialists/outlook/.
- FERMA. Federation of European risk management associations. [accessed 2019 May 24]. https://www.ferma.eu.
- Branchet B, Sanseau P. From technical to non-technical skills among information systems suppliers. J Enterp Inf Manage. 2017;30(2):320–34. doi:10.1108/JEIM-07-2015-0061.
- Tranchard S The new ISO 31000 keeps risk management simple; 2018 Feb 15 [accessed May 22]. https://www.iso.org/news/ref2263.html.
- British Standards Institute. BS31100 (BS 31100) Code of practice for risk management and guidance for ISO31000; 2011 [accessed 2019 May 25]. https://www.itgovernance.co.uk/shop/product/bs31100-bs-31100-code-of-practice-for-risk-management-and-guidance-for-iso31000.
- Standards Australia/Standards New Zealand. Risk management AS/NZS 3100:2009; 2010 Aug [accessed 2019 May 25]. https://www.finance.gov.au/sites/default/files/COV_216905_Risk_Management_Fact_Sheet_FA3_23082010_0.pdf.
- Blunden T, Thirlwell J. Mastering operational risk. Harlow (England): Pearson Education Limited; 2010.
- Power M The invention of operational risk. CARR ESRC Center for Analysis of Risk and Regulation; 2003 Jun [accessed 2019 May 25]. http://eprints.lse.ac.uk/21368/1/DP16.pdf.
- Basel Committee on Banking Regulation (BCBR). Working paper on the regulatory treatment of operational risk. Bank for International Settlements; 2001 Sep [accessed 2019 May 25]. https://www.bis.org/publ/bcbs_wp8.pdf.
- Osken CL, Onay C An operational risk management framework for financial services industry. European Conference on Information Systems Proceedings 2016; İstanbul, Turkey. 1–10.
- Cummins JD, Lewis CM, Wei R. The market value impact of operational loss events for US banks and insurers. J Banking Finance. 2006;30:2605–34. doi:10.1016/j.jbankfin.2005.09.015.
- Biener C, Eling M, Wirfs JH. Insurability of cyber risk: an empirical analysis. Geneva Pap Risk Insurance. 2015;40(1):131–58. doi:10.1057/gpp.2014.19.
- Eling M, Wirfs J. What are the actual costs of cyber risk events? Eur J Oper Res. 2019;272(3):1109–19. doi:10.1016/j.ejor.2018.07.021.
- Yang SO, Hsu C, Sarker S, Lee AS. Enabling effective operational risk management in a financial institution: an action research study. J Manage Inf Syst. 2017;34(3):727–53. doi:10.1080/07421222.2017.1373006.
- Ponemon Institute. 2018 cost of a data breach study; 2018 [accessed 2019 Jul 5]. https://www.ibm.com/security/data-breach?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h↵Security&ccy=US&cm_mc_uid=58687360095015621576685&cm_mc_sid_50200000=98661261562157668510&cm_mc_sid_52640000=93761471562157668516.
- Ackerman G G-20 urged to treat cyber-attacks as threat to global economy. Bloomberg; 2013 Jun 13 [accessed 2019 Jul 5]. https://www.bloomberg.com/news/2013-06-13/g-20-urged-to-treat-cyber-attacks-as-threat-to-economy.html.
- World Economic Forum. Centre for cybersecurity; 2019b [accessed 2019 Jul 5]. https://www.weforum.org/centre-for-cybersecurity.
- Straub DW, Welke RJ. Coping with systems risk: security planning models for management decision making. MIS Quarterly. 1998;22(4):441–69. doi:10.2307/249551.
- Jordan E, Silcock L. Beating IT risks. Chichester (England): John Wiley & Sons; 2005.
- Smith HA, McKeen JD. Developments in practice XXXIII: a holistic approach to managing IT-based risk. Commun Assoc Inf Syst. 2009;25(41):519–31. doi:10.17705/1CAIS.
- Grimes RA IT’s 9 biggest security threats. CSO Online; 2017 Aug 10 [accessed 2019 May 25]. https://www.csoonline.com/article/3215111/security-it-s-9-biggest-security-threats.html.
- Digital Commerce 360. (n.d.). Global Amazon prime day sales from 2015 to 2018 (in billion U.S. dollars). In Statista - The Statistics Portal; 2018 Aug [accessed 2019 May 25]. https://www.statista.com/statistics/728120/annual-amazon-prime-day-sales/.
- Deloitte. The payroll operations survey summary of results; 2014 Dec [accessed 2019 May 25]. https://www2.deloitte.com/content/dam/Deloitte/us/Documents/human-capital/us-hc-payroll-operations-survey-summary-results-010715.pdf.
- Prat N. Teaching information systems with cases. J Comput Inf Syst. 2012;52:71–81.
- Dunaway M Collaboration in a data analytics curricula: an active learning approach. America’s Conference on Information Systems Proceedings 2017; Boston, MA. p. 1–8.
- Mehaut P, Winch C. The European qualification framework: skills, competences or knowledge? Eur Educ Res J. 2012;11(3):369–81. doi:10.2304/eerj.2012.11.3.369.
- EQF. Descriptors defining levels in the European qualifications framework (EQF). European Commission. [accessed 2019 May 25] https://ec.europa.eu/ploteus/en/content/descriptors-page.
- Dhillon G. Managing and controlling computer misuse. Inf Manage Comput Secur. 1999;7(4):171–75. doi:10.1108/09685229910292664.
- Ernst & Young Global Limited. Ransomware: should you pay the ransom?; 2016 Aug 11 [accessed 2019 Jul 5]. https://advisory.ey.com/cybersecurity/should-you-pay-the-ransom.
- Martz B, Hughes J, Braun F. Creativity and problem-solving: closing the skills gap. J Comput Inf Syst. 2017;57(1):39–48. doi:10.1080/08874417.2016.1181492.
- Topi H, Valacich JS, Wright RT, Kaiser KM, Nunamaker JF, Sipior JC, deVreede GJ 2010: curriculum guidelines for undergraduate degree programs in information systems; 2010 [accessed 2019 Jul 5]. https://www.acm.org/binaries/content/assets/education/curricula-recommendations/is-2010-acm-final.pdf.