• Gamal S. A. Khalifa Faculty of Tourism and Hotels, Fayoum University, Egypt
  • EL-Hussin M. S. Ali Faculty of Tourism and Hotels, Fayoum University, Egypt


ITRM can simply be defined as the process of identifying, evaluating, selecting, and implementing actions to reduce risk for guests and hotel assets. The goal of risk management represented in integrating actions that reduce or prevent information risks while taking into consideration ethical, political, social, cultural, and legal side. Information technology has become an essential part of hotel operations. Therefore, the need for obtaining information risk management is emerging. It is difficult to imagine a hotel operating and competing on the market without this process, for both customers and merchants, they bring threats of information vulnerability and security breaches at the same time. The study investigates the antecedents of hotel ITRM adoption and how this affects the hotel market share. The study used a questionnaire to collect data from 257 hotel employees to perceive their opinions on the Egyptian hotel ITRM adoption. It has employed structural equation modelling to measure the effect of the antecedents of hotel ITRM and its effect on hotel market share. The study has revealed very useful results in the way it evaluated employees’ perceptions of hotel ITRM adoption and depicted the factors that hotels have succeeded to offer to support ITRM and attract customers to increase their market share.


Information Technology, Risk Management, Information Technology Risk Management, Hotels


Download data is not yet available.


Abou-Shouk, M., Lim, W. M. & Megicks, P. (2013). e-Commerce and small tourism businesses in developing countries: Drivers versus boundaries of adoption. Tourism Planning & Development. 10(3), pp 249-266.

Abou-Shouk, M. A. & Khalifa, G. S. (2016). The influence of website quality dimensions on e-purchasing behaviour and e-loyalty: a comparative study of Egyptian travel agents and hotels. Journal of Travel & Tourism Marketing. pp 1-16.

Altuntas, M., Berry-Stölzle, T.R. & Hoyt, R.E. (2011). Dynamic determinants of enterprise risk management adoption in the property-liability insurance industry: evidence from Germany. Journal of risk management. 123(17), pp1234-1244.

Álvarez, L. S., Martín, A. M. D. & Casielles, R. V. (2007). Relationship marketing and information and communication technologies: Analysis of retail travel agencies. Journal of Travel Research. 45(4), pp 453-463.

Angriawan, A. & Thakur, R. (2008). A parsimonious model of the antecedents and consequence of online trust: An uncertainty perspective. Journal of Internet Commerce. 7(1), pp 74-94.

Aron, R., Clemons, E. K. & Reddi, S. (2005). Just right outsourcing: understanding and managing risk. Journal of Management Information Systems. 22(2), pp 37-55.

Ayeh, J.K. (2007). Determinants of internet usage in Ghanaian hotels: the case of the Greater Accra Region (GAR). Journal of Hospitality & Leisure Marketing. 15(3), pp 87-109.

Azam, S. (2007). Internet adoption and usage in Bangladesh. 経営行動科学,20(1), pp 43-54.

Aziz, A.A., Bakhtiar, M.F.S., Syaquif, M., Kamaruddin, Y. & Ahmad, N.A. (2012). Information and communication technology application's usage in hotel industry. Journal of Tourism, Hospitality, and Culinary Arts. 4(2), pp 34-48.

Baida, Z., Liu, J. & Tan, Y.H. (2007). Towards a methodology for designing e-government control procedures. In International Conference on Electronic Government (pp 56-67). Springer Berlin Heidelberg.

Bart, Y., Shankar, V., Sultan, F. & Urban, G. L. (2005). Are the drivers and role of online trust the same for all web sites and consumers? A large-scale exploratory empirical study. Journal of marketing. 69(4), pp 133-152.

Beachboard, J., Cole, A., Mellor, M., Hernandez, S., Aytes, K.& Massad, N. (2008). Improving Information Security Risk Analysis Practices for Small and Medium-Sized Enterprises: A Research Agenda. Journal of Issues in Informing Science and Information Technology Education. 5, pp 73-85.

Beckinsale, M. & Levy, M. (2004). SMEs and internet adoption strategy: who do SMEs listen to? ECIS 2004 Proceedings, p11.

Benaroch, M., Lichtenstein, Y. & Robinson, K. (2006). Real options in information technology risk management: an empirical validation of risk-option relationships. Mis Quarterly. 30(4), pp 827-864.

Bharosa, N., Janssen, M., van Wijk, R., de Winne, N., van der Voort, H., Hulstijn, J. & Tan, Y. H. (2013). Tapping into existing information flows: The transformation to compliance by design in business-to-government information exErnest Change. Government Information Quarterly. 30, pp S9-S18.

Bigdeli, A.Z. & deCesare, S. (2011). Barrierstoe-Government service delivery in developing countries: The case of Iran. In Emerging Themes in Information Systems and Organization Studies (pp.307-320). Physica-Verlag HD.

Bilgihan, A., Okumus, F., "Khal" Nusair, K. & Joon-Wuk Kwun, D. (2011). Information technology applications and competitive advantage in hotel companies. Journal of Hospitality and Tourism Technology. 2(2), pp 139-153.

Bwalya, K. J. (2009). Factors affecting adoption of e-government in Zambia. The Electronic Journalof Information Systems in Developing Countries. 38(4), pp 1-13

Camisón, C. (2000). Strategic attitudes and information technologies in the hospitality business: an empirical analysis. International Journal of Hospitality Management. 19(2), pp125-143.

Chen, J. & Dibb, S. (2010). Consumer trust in the online retail context: Exploring the antecedents and consequences. Psychology & Marketing, 27(4), pp 323-346.

Chen, J. & McQueen, R. J. (2008). Factors affecting e-commerce stages of growth in small Chinese firms in New Zealand: an analysis of adoption motivators and inhibitors. Journal of Global Information Management (JGIM), 16(1), pp 26-60.

Choi, T. M., Wallace, S. W. & Wang, Y. (2016). Risk management and coordination in service supply chains: information, logistics and outsourcing. Journal of the Operational Research Society. 67(2), pp159-164.

Cobanoglu, C., Corbaci, K. & Ryan, B. (2001). A comparative study: the impact of technology in lodging properties in the United States and Turkey. International Journal of Hospitality Information Technology. 2(1), pp 23-40.

Collins, G.R. & Cobanoglu, C. (2013). Hospitality information technology: Learning how to use it. Kendall/Hunt Publishing Co.

Contos, B.T. (2006). Enemy at the water cooler: True stories of insider threats and enterprise security management countermeasures. Syngress.

Cyr, D., Hassanein, K., Head, M. & Ivanov, A. (2007). The role of social presence in establishing loyalty in e-service environments. Interacting with computers, 19(1), pp.43-56.

Doong, H.S., Wang, H.C. &Foxall, G.R., (2011). An investigation of consumers' webstore shopping: A view of click-and-mortar company. International Journal of Information Management, 31(3), pp.210-216.

Dorofee, C.A.A., 2002. Managing Information Security Risks: The OCTAVE (SM) Approach. July2002, Addison Wesley Professional.

Dyerson, R. &Harindranath, G. (2007). August. ICT Adoption & Use by SMEs in the UK: A Survey of Southeast. InPICMET'07-2007PortlandInternational Conference on Management of Engineering& Technology (pp. 1756-1770). IEEE.

Ebenezer, C., Bath, P. & Pinfield, S., 2016. Access denied? Managing access to the Web within the NHS in England: technology, risk, culture, policy, and practice.

Egyptian Hotel Guide 2011-2012., (2012), 32nd edition, Egypt: Egyptian Hotel Association.

Emarketer, (2005) Travel agencies online. Available at:

Ernest Chang, S. & Ho, C.B., (2006). Organizational factors to the effectiveness of implementing information security management. Industrial Management & Data Systems, 106(3), pp.345-361.

Erzurumlu, S.S. & Erzurumlu, Y.O., (2013). Development and deployment drivers of clean technology innovations. The Journal of High Technology Management Research, 24(2), pp. 100-108.

Flavián, C. & Guinalíu, M. (2006). Consumer trust, perceived security and privacy policy: three basic elements of loyalty to a web site. Industrial Management & Data Systems, 106(5), pp.601-620.

Fornell, C. & Larcker, D.F. (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal of marketing research, pp.39-50.

Gefen, D., Karahanna, E. & Straub, D.W. (2003). Trust and TAM in online shopping: an integrated model. MIS quarterly, 27(1), pp.51-90.

Ghamatrasa, M., (2006). Internet adoption decision model among Iranian small and medium enterprises. Master's thesis, Lulea University of Technology.

Gilbert, D., Balestrini, P. & Littleboy, D. (2004). Barriers and benefits in the adoption of e-government. International Journal of Public Sector Management, 17(4), pp. 286-301.

Glendon, A.I., Clarke, S. & McKenna, E., 2016. Human safety and risk management. Crc Press.

Golshan, N.M. & Rasid, S.Z.A., 2012. Determinants of Enterprise Risk Management Adoption: An Empirical Analysis of Malaysian Public Listed Firms. In Proceedings of World Academy of Science, Engineering and Technology (No. 62). World Academy of Science, Engineering and Technology.

Gupta, P., Yadav, M.S. & Varadarajan, R. (2009). How task-facilitative interactive tools foster buyers' trust in online retailers: a process view of trust development in the electronic marketplace. Journal of Retailing, 85(2), pp 159-176.

Haimes, Y.Y. (2015). Risk modeling, assessment, and management. John Wiley & Sons.

Hair, J., Black, W., Babin, B. & Anderson, R. (2010). Multivariate data analysis: a global perspective. Pearson Prentice Hall.

Hasan, B. (2003). The influence of specific computer experiences on computer self-efficacy beliefs. Computers in human behavior, 19(4), pp.443-450.

Hassandoust, F. & Farzaneh, M. (2011). Reviewing the influence of it applications such as implementing online distribution channels in hotel industry. J Knowl Manag Econ Inf Technol, 1(4), pp.106-121.

Hassanein, K., Head, M. & Ju, C., (2009). Across-cultural comparison of the impact of social presence on website trust, usefulness and enjoyment. International Journal of Electronic Business, 7(6), pp.625-641

Hendy, L., (2007). ISO 31000 Risk Management Guidance Standard. NSAI, 1Swift Square, Northwood, Santry Dublin 9, Ireland.

Hesketh, D., (2009). Seamless electronic data and logistics pipelines shift focus from import declarations to start of commercial transaction. World Customs Journal, 3(1), pp 27-32.

Hubbard, D.W., (2014). How to measure anything: Finding the value of intangibles in business. John Wiley & Sons.

IBM., (2011) Implementing e-customs in Europe- An IBM point of view, customs, borders and revenue management solutions.

Idé, T., Güven, S., Jan, E.E., Makogon, S. and Venegas, A., (2015), May. Latent trait analysis for risk management of complex information technology projects. In 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM) (pp. 305-312). IEEE.

International Data Corporation. (2007). Worldwide IT Security Software, Hardware, and Services. 2007–2011 Forecast: The Big Picture. International Data Corporation (Doc #210018).

Iris, M., (2012). The impact of information and communication technology (ICT) as a key factor of tourism development on the role of Croatian travel agencies. International Journal of Business and Social Science, 3(24).

Jake, K. & Daniel, M., (2010). Information Technology Risk Management in Enterprise Environments: A Review of Industry Practices and a Practical Guide to Risk ManagementTeams.MinoliCopyrightr2010John Wiley & Sons, Inc.

Johnson, D.S. (2007). Achieving customer value from electronic channels through identity commitment, calculative commitment, and trust in technology. Journal of interactive marketing, 21(4), pp 2-22.

Kartiwi, M. & MacGregor, R.C., (2007). Electronic commerce adoption barriers in small to medium-sized enterprises (SMEs) in developed and developing countries: Across-country comparison. Journal of Electronic Commerce in Organizations (JECO), 5(3), pp 35-51.

Kearney, W.D. & Kruger, H., (2016). Theorising on risk homeostasis in the context of information security behaviour. Information & Computer Security, 24(5).

Keeling, K., McGoldrick, P. & Beatty, S., (2010). Avatars as salespeople: Communication style, trust, and intentions. Journal of Business Research,63(8), pp 793-800.

Kendall, J.D., Tung, L.L., Chua, K.H., Ng, C.H.D. and Tan, S.M., (2001). Receptivity of Singapore's SMEs to electronic commerce adoption. The Journal of Strategic Information Systems, 10(3), pp.223-242.

Kim, H.B., Kim, T.T. & Shin, S.W., (2009). Modeling roles of subjective norms and eTrust in customers' acceptance of airlineB2CeCommercewebsites.Tourism management, 30(2), pp.266-277.

Kim, W.G., Ma, X. & Kim, D.J., (2006). Determinants of Chinese hotel customers' e-satisfaction and purchase intentions. Tourism Management,27(5), pp.890-900.

Kock, N. (2012). “Warp PLS 3.0 user manual", Laredo, Texas, ScriptWarp Systems.

Kouns, J. & Minoli, D., (2011). Information technology risk management in enterprise environments: A review of industry practices and a practical guide to risk management teams. John Wiley & Sons.

Kumar, R.L., (2004). A framework for assessing the business value of information technology infrastructures. Journal of Management Information Systems, 21(2), pp.11-32.

Lacity, M.C., Khan, S.A. & Willcocks, L.P., (2009). A review of the IT outsourcing literature: Insights for practice. The JournalofStrategicInformationSystems,18(3), pp.130-146.

Lai, F. & Samad, F., (2011). Enterprise risk management and the empirical determinants of Its implementation. In 010 International Conference on Business and Economics Research vol. 1 IACSIT Press, Kuala Lumpur, Malaysia.

Law, R. & Hsu, C.H., (2006). Importance of hotel website dimensions and attributes: perceptions of online browsers and online purchasers. Journal of Hospitality & Tourism Research, 30(3), pp.295-312.

Lee, M.K. & Turban, E., (2001). A trust model for consumer internet shopping. International Journal of electronic commerce, 6(1), pp.75-91.

Liao, Z. & Cheung, M.T., 2001. Internet-based e-shopping and consumer attitudes: an empirical study. Information & Management, 38(5), pp.299-306.

Lim, W.M., (2008). Regression analysis of Internet technologies adoption factors and business performance of UK independent hoteliers. Tourism and Hospitality Planning & Development, 5(3), pp.233-245.

Lin, C.K., Chen, Y.S. & Chuang, H.M., (2016). Improving Project Risk Management by a Hybrid MCDM Model Combining DEMATEL with DANP and VIKOR Methods—An Example of Cloud CRM. In Frontier Computing (pp. 1033-1040). Springer Singapore.

MacGregor, R.C. & Vrazalic, L., (2005). Abasic model of electronic commerce adoption barriers: A study of regional small businesses in Sweden and Australia. Journal of small business and enterprise development, 12(4), pp.510-527.

Mamaghani, F., (2009). Impact of e-commerce on travel and tourism: An historical analysis. International Journal of Management, 26(3), p.365-375.

Mayer, N., Aubert, J., Grandry, E. & Feltus, C., (2016), November. An Integrated Conceptual Model for Information System Security Risk Management and Enterprise Architecture Management Based on TOGAF. In IFIP Working Conference on The Practice of Enterprise Modeling (pp.353-361). Springer International Publishing.

McKnight, D.H., Choudhury, V. & Kacmar, C., (2002). The impact of initial consumer trust on intentions to transact with a web site: a trust building model. The Journal of Strategic Information Systems, 11(3), pp.297-323.

McNeil, A.J., Frey, R. & Embrechts, P., (2015). Quantitative risk management: Concepts, techniques and tools. Princeton university press.

Miltgen, C.L., Popovič, A. & Oliveira, T., (2013). Determinants of end-user acceptance of biometrics: Integrating the “Big 3” of technology acceptance with privacy context. Decision Support Systems, 56, pp. 103-114.

Mohd, N.F., Banwet, D.K. & Shankar, R., (2007). Information risks management in supply chains: an assessment and mitigation framework. Journal of Enterprise Information Management, 20(6), pp. 677-699.

Murat, U & Bilgihan, Y., (2012). Innovative Green Technology in Turkey: Electric Vehicles' Future and Forecasting MarketShare. Procedia-Social and Behavioral Sciences, 41, pp. 139-146.

Nepal, S. & Chotiyaputta, V., (2016). Operation Risk Management: A Case Study of Baggage Logistic Technology at Munich Airport. วารสารปัญญาภิวัฒน,์8, pp.273-282.

Netemeyer, R., Bearden, W. & Sharma, S. (2003) Scaling procedures: issues and applications. London, Sage Publications.

Nor, A.H., Shamsuddin, A., Wahab, E., & Hamid, N.A., (2012), December. Preliminary qualitative findings on technology adoption of Malaysian SMEs. In Humanities, Science and Engineering (CHUSER), 2012 IEEE Colloquium on (pp. 15-20). IEEE.

Nwakanma, I.C., Ubani, E.C., Asiegbu, B.C. & Nwokonkwo, O.C., (2014). FactorsAffectingthe Adoption of ICT in the Hospitality Industry in Imo State. International Journal of Computer Science Issues (IJCSI), 11(4), p.170-181.

O'Connor, P., (2007). Online consumer privacy an analysis of hotel company behavior. Cornell Hotel and Restaurant Administration Quarterly, 48(2), pp.183-200.

Ou, L., (2016, May). The risk of corporate information disclosure-based internet and three-dimensional regulation mode. In Control and Decision Conference (CCDC), 2016 Chinese (pp. 4491-4496). IEEE.

Overbeek, S., Klievink, B., Hesketh, D., Heijmann, F. & Tan, Y.H., (2011). A Web-based data pipeline for compliance in international trade. WITNESS 2011, p. 32.

Palvia, P., (2009). The role of trust in e-commerce relational exernest Change: A unified model. Information & Management 46(4), 213–220.

Paraskevas, A., Buahlis, D., 2003. Outsourcing IT for small hotels: the opportunities and challenges of using application service providers. Cornell Hotel and Restaurant Administration Quarterly 43 (2), 27–39.

Peltier, T.R., (2016). Information Security Policies, Procedures, and Standards: guidelines for effective information security management. CRC Press.

Pongsak, H & Sunil, S., (2007). ICT Adoption Propensity in the Hotel Industry: An Empirical Study. International Marketing Conference on Marketing & Society, 8-10 April, 2007, IIMK

Qun, R., (2010). Market Share Competition in The Chinese Online Game Industry. Thesis submitted in partial fulfillment of the requirements of the Business School of Bournemouth University for the degree of Doctor of Philosophy.

Raus, M., Barbara, F., & Roman, B., (2009). Electronic customs innovation: An improvement of governmental infrastructures. Government Information Quarterly, 26, 246–256.

Roca, J., Machado, D. & Vega, L., (2010). Personal innovativeness, security and privacy as determinants of e-trading adoption. International Journal of Electronic Finance 4(3), 269–286.

Rogers, E.M. (2003). Diffusion of innovations (5th ed.). New York: Free Press.

Rosemary, M., Bola, A., & Wilhelmina, S., (2012). An Empirical Evidence on the Usage of Internet Marketing in the Hospitality Sector in an Emerging Economy and its Relationship to Profitability. International Review of Social Sciences and Humanities, 4(1), 181-197.

Sadgrove, K., (2016). The complete guide to business risk management. Routledge.

Schwalbe, K., (2015). Information technology project management. Cengage Learning

Shoniregun, A., (2005). Impacts and Risk Assessment of Technology for Internet Security: Enabled Information Small Medium Enterprises. Springer, New York.

Simmons, G., Armstrong, G. & Durkin, M., (2008). A Conceptualization of the Determinants of Small Business Website Adoption: Setting the Research Agenda. International Small Business Journal, 26(3), 351–89.

Stanton, J.M., Stam, K.R., Mastrangelo, P., & Jolton, J., (2005). Analysis of end user security behaviors. Computers and Security 24(2), 124–133.

Stoneburner, G., Goguen, A. & Feringa, A., (2002). Risk Management Guide for Information Technology Systems: Recommendations of the National Institute of Standards and Technology, retrieved November 25, 2009.

Suhong, L., & Binshan, L., (2006). Accessing information sharing and information quality in supply chain management. Decision Support Systems, 42(3), 1641–1656.

Tsai, H., Song, H., & Wong, K.K., (2009). Tourism and hotel competitiveness research. Journal of travel & tourism marketing, 26(5-6), 522-546.

Tucker, S. (2008). E-Commerce Standard User Interface: An E-Menu System. Journal of Industrial Management and Data Systems, 108(8), 1009–1028.

Tuncel, G., & Alpan, G. (2010). Risk assessment and management for supply chain networks: A case study. Computers in Industry, 61(3), 250-259.

Urciuoli, L., Hintsa J, & Ahokas J., (2013). Drivers and barriers affecting usage of e-Customs-A global survey with customs administrations using multivariate analysis techniques. Government Information Quarterly 30, 473–485.

Veenstra, A., Klievink, B., & Janssen, M., (2008). Barriers and impediments to transformational government: Insights from literature and practice. Electronic Government, An International Journal, 8(2/3), 226–241.

Ward, J. & Peppard, J., (2016). The Strategic Management of Information Systems: Building a Digital Strategy. John Wiley & Sons.

Webster, M., Beach, R. & Fouweather, I., (2006). E-Business Strategy Development: An FMCG Sector Case Study. Supply Chain Management: An International Journal, 11(4), 353–62.

Westerman, G. & Hunter, R., (2007). ITRisk: Turning Business Threats into Competitive Advantage. Harvard Business School Press, Boston, MA, 2007.

Whitman, M. & Mattord, H., (2008). Principles of Information Security. Third edition, Course Technology, Florence, KY.

Wiengarten, F., Humphreys, P., Gimenez, C. & McIvor, R., (2016). Risk, risk management practices, and the success of supply chain integration. International Journal of Production Economics, 171, pp.361-370.




How to Cite

Gamal S. A. Khalifa, & EL-Hussin M. S. Ali. (2017). MANAGING DRIVERS AND BOUNDARIES OF INFORMATION TECHNOLOGY RISK MANAGEMENT (ITRM) TO INCREASE EGYPTIAN HOTELS MARKET SHARE. International Journal on Recent Trends in Business and Tourism (IJRTBT), 1(1), 12-31. Retrieved from

Most read articles by the same author(s)