IT Risk Management in E-Governance: Case for the Cargo Clearance Process in Kenya
Governments all over the world are embracing e-governance by integrating information technology in their operations in an effort to improve quality of services, accountability and efficiency. Traditionally IT risk management has been treated as a technical matter and relegated to technical specialists. The criticality of IT in government operations warrants the management of IT risk by all stakeholders led by organizations‟ top management. This research builds a case for a process model and tool for the managing IT risk in e-governance. Existing risk management frameworks and standards were evaluated and the Risk IT framework was identified as the most appropriate guiding framework for the process. The framework was customized and used to assemble a process model after which a system prototype developed to guide its implementation. To demonstrate the use of the process model and the tool, an assessment of IT risk was carried out on the cargo clearance process in Kenya. Using the data obtained in the risk assessment, the tool provided an analysis of the IT risk levels in each IT process as well as the overall cargo clearance process. Major sources of risk and quick-wins were also identified and relevant recommendations made. The process model and tool were found to offer very significant benefits to the government and the public and were therefore recommended for adoption.