African Journal of
Business Management

  • Abbreviation: Afr. J. Bus. Manage.
  • Language: English
  • ISSN: 1993-8233
  • DOI: 10.5897/AJBM
  • Start Year: 2007
  • Published Articles: 4142

Full Length Research Paper

Risk management of VoIP implementation

Tian Gerber
  • Tian Gerber
  • enter for Information Security Studies, Nelson Mandela Metropolitan University, South Africa
  • Google Scholar
Kerry-Lynn Thomson
  • Kerry-Lynn Thomson
  • enter for Information Security Studies, Nelson Mandela Metropolitan University, South Africa
  • Google Scholar


  •  Accepted: 27 May 2013
  •  Published: 28 September 2013

Abstract

Corporate governance is generally regarded as the means by which an organization should be directed and controlled.  According to good corporate governance practices, an organization should maintain a competitive advantage by securing its assets and protecting against new threats introduced through new technologies. An example of a new technology that is being increasingly implemented in organizations is that of Voice over Internet Protocol (VoIP).  VoIP is typically seen as a replacement for the Public Switched Telephone Network (PSTN) and converts analog voice into digital voice packets for transport on computer networks.  VoIP implementations are on the increase due to its many benefits.  However, the focus of VoIP implementations is typically on the advantages and not on potential risks. This oversight could affect corporate governance as due care and due diligence may not be assured. This paper will investigate a possible way of making organizations aware of these information security risks through the development of a VoIP Risk Table, which will correlate the risks, threats, likely impact, recommendations and COBIT 5 process practices related to VoIP by means of a qualitative content analysis. This table could assist organizations with proper risk management for VoIP implementations enabling organizations to take the necessary steps to mitigate risks and ensure better governance of VoIP technologies. 
 
Key words: Corporate governance, risk assessment, VoIP Risk Table, COBIT 5.