This research in progress paper introduces a research initiative focusing on bank employee risk behaviour to mitigate IT operational risks in Austrian banks. The study focuses on the role of IT risk culture and internal controls in relation to employee risk behaviour and the effectiveness of different awareness building practices in banking companies in response to international banking regulation. We offer a short introduction to central theoretical concepts, main research assump-tions and a two-staged methodological design to conduct the underlying study. The indicative findings suggest important properties of awareness building methods and guidelines to create a proactive IT risk culture.
Bauer, Stefan and Bernroider, Edward W. N., "IT operational risk awareness building in banking companies: A preliminary research design highlighting the importance of risk cultures and control systems" (2013). CONF-IRM 2013 Proceedings. 56.