Article: Evaluation of cloud computing risks using an integrated fuzzy-ANP and FMEA approaches Journal: International Journal of Applied Decision Sciences (IJADS) 2023 Vol.16 No.2 pp.131 - 164 Abstract: Despite the considerable benefits of cloud-based services and their effect on the reduction of total investments in information technology (IT) infrastructures, there still exist a plethora of concerns regarding the potential risk of this relatively new method of resource outsourcing. Due to the diversity of activities in the risk management process, it is essential to develop an innovative framework for controlling and streamlining relevant processes. Such processes include the identification, ranking, and determination of relevant exposure strategies and risk responsiveness strategies. The proposed framework developed in this study was based on the risk management process phase of the PMBOK model to analyse the collected data via fuzzy analytical network processing and failure mode effective analysis methods. A survey was then drafted with participating IT experts. Results demonstrate that the three most important risks are data confidentiality, data integrity and reliability. Furthermore, 117 risk-responsiveness solutions such as auditing the scope of access to information, using relevant techniques to control data integrity, and implementing appropriate training programs for the support team within the organisation were recognised and ranked to suggest the most appropriate remedial strategies that extensively mitigate against identified risks. Inderscience Publishers - linking academia, business and industry through research

Title: Evaluation of cloud computing risks using an integrated fuzzy-ANP and FMEA approaches

Authors: Ata Allah Yazdani; Abbas Keramati; Ozgur Turetken; Yazwand Palanichamy

Addresses: E-Campus of the Islamic Azad University, 9th Neyestan, Pasdaran, Tehran, Iran ' Ted Rogers School of Information Technology Management, Ryerson University, Toronto, Ontario, Canada; School of Industrial Engineering, Faculty of Engineering, University of Tehran, Tehran, Iran ' Ted Rogers School of Information Technology Management, Ryerson University, Toronto, Ontario, Canada ' Ted Rogers School of Information Technology Management, Ryerson University, Toronto, Ontario, Canada

Abstract: Despite the considerable benefits of cloud-based services and their effect on the reduction of total investments in information technology (IT) infrastructures, there still exist a plethora of concerns regarding the potential risk of this relatively new method of resource outsourcing. Due to the diversity of activities in the risk management process, it is essential to develop an innovative framework for controlling and streamlining relevant processes. Such processes include the identification, ranking, and determination of relevant exposure strategies and risk responsiveness strategies. The proposed framework developed in this study was based on the risk management process phase of the PMBOK model to analyse the collected data via fuzzy analytical network processing and failure mode effective analysis methods. A survey was then drafted with participating IT experts. Results demonstrate that the three most important risks are data confidentiality, data integrity and reliability. Furthermore, 117 risk-responsiveness solutions such as auditing the scope of access to information, using relevant techniques to control data integrity, and implementing appropriate training programs for the support team within the organisation were recognised and ranked to suggest the most appropriate remedial strategies that extensively mitigate against identified risks.

Keywords: cloud computing; risk management framework; failure mode effective analysis; project management body of knowledge.

DOI: 10.1504/IJADS.2023.129477

International Journal of Applied Decision Sciences, 2023 Vol.16 No.2, pp.131 - 164

Received: 02 Jun 2021
Accepted: 01 Sep 2021
Published online: 10 Mar 2023 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: Evaluation of cloud computing risks using an integrated fuzzy-ANP and FMEA approaches

Keep up-to-date