The Electronic Journal of Information Systems Evaluation provides critical perspectives on topics relevant to Information Systems Evaluation, with an emphasis on the organisational and management implications
For general enquiries email
Click here to see other Scholarly Electronic Journals published by API
For a range of research text books on this and complimentary topics visit the Academic Bookshop

Journal Article

Development of Bring‑Your‑Own‑Device Risk Management Model: A Case Study From a South African Organisation  pp1-14

Ivan Veljkovic, Adheesh Budree

© Mar 2019 Volume 22 Issue 1, Editor: Prof Shaun Pather, pp1 - 66

Look inside Download PDF (free)


In recent times, many organisations have difficulties to keep up with a frequent technology changes. On the other hand, their employees continue to bring their own devices in order to access organisational information systems and data. This phenomenon is also known as Bring‑Your‑Own‑Device (BYOD). Although a number of studies have demonstrated that the introduction of BYOD commonly has a positive effect on organisation and employees (e.g. improved optimism, job satisfaction and productivity), this concept appears as still not well understood. This particularly refers to possible risks related to the introduction of BYOD in the organisations. Hence, the intention of this study is to explore potential risks of introducing BYOD in organisations and to propose a model for addressing these risks effectively. The study began with reviewing the pertinent literature that elicited a number of the BYOD related risks that can further be classified into five groups: implementational, technological, policy and regulation, human aspects and organisational concerns. This helped in the creation of the “BYOD risk management model” as the identified risks and the proposed model were consequently tested in a middle‑sized South African IT organisation, deploying exploratory case study methodology. The empirical study has corroborated the literature review findings, hence confirming that the BYOD risks identified in the researched South African organisation do not differ from those reported in the reviewed literature. The contribution of this study is seen as twofold: academic and practical. Since there is a very limited BYOD literature in a South African setting, this study added to the contextual body of knowledge on the BYOD phenomenon in general, and in the area of understanding potential risks in particular. The study also provides guidelines for the decision‑makers responsible for the introduction of BYOD practice in the organisation.


Keywords: Mobility, BYOD, mobile computing, risk considerations, risk management, security


Share |

Journal Issue

Volume 22 Issue 1 / Mar 2019  pp1‑66

Editor: Prof Shaun Pather

View Contents Download PDF (free)

Keywords: Mobility, BYOD, mobile computing, risk considerations, risk management, security, Sustainability Metrics, Impact Assessment Studies e-Governance, ERP, Enterprise Resource Planning, Evaluation, Context, Lifecycle, Interpretive, ERP, Enterprise Resource Planning, Evaluation, Context, Lifecycle, Interpretive, Online information services (OISs), Web 2.0, Peer-to-Peer, Online audience behaviour, Networking, Evaluation, design science, customer satisfaction, E-Government, theoretical framework, qualitative


Share |