Designing an Information Technology (IT) outsourcing risk management policy is essential for dealing with the complexity and uncertainty associated with using third-party services. This policy aims to protect organisational assets, ensure operational continuity, and minimise the impact of risks that may arise from outsourcing relationships. In this study, we develop a risk management framework that integrates IT outsourcing risk management principles with the COBIT (Control Objectives for Information and Related Technologies) standard. This framework includes risk identification, analysis, mitigation, and continuous monitoring and evaluation. Through this approach, organisations can improve their control over, and visibility of, the risks faced in IT outsourcing. The results of this study indicate that implementing a comprehensive risk management policy not only strengthens information security but also improves the effectiveness and efficiency of business processes involving IT outsourcing. We hope this proposed policy can provide practical guidance for organisations in managing risks and maximising the value of IT outsourcing.
Copyright © 2025