การประเมินความเสี่ยงการใช้ระบบงานสาธารณูปโภค ของการไฟฟ้าส่วนภูมิภาค อำเภอเกาะคา จังหวัดลำปาง

Abstract

This independent study aims to study the risk assessment in implementation of Industrial Solution Utilities of Provincial Electricity Authority Ko Kha district, Lampang province. This study applied in-depth interviews to collect data from fourteen heads of department in order to identify risk factors that could influence objective achievement of the organization. The collected data was subsequently used to develop a questionnaire guided by the conceptual framework of the study. Eighty participants, including heads of department, academicians, technicians and accountants, answered the questionnaire to assess the likelihood of risk occurrence and the range of risk impact. Risk factors were concluded by employing descriptive statistics, which involves frequency, percentage, mean, and descriptive narration. The results of this study reveal that the risk level was generally moderate and all components of information system were also at moderate risk level. In terms of the people component, even though risk level was moderate, having only one worker in each module was one of the high risk issues as the employees cannot work in place of one another. Pertaining to high risk factor, most workers had been using the previous work system for a long time which causes them to feel reluctant toward effectively utilizing the new system. Moreover, variation in seniority and qualification of each personnel caused learning and adjustment to the new system to vary as well. For the procedures and work instructions component, the risk level was moderate, and all of the risk issues were also at moderate risk level. The data component also had moderate risk level. The issue with high risk level was failure to check and input accurate data to the system causing having incorrect information in the system and negatively affected other continuous modules. For the software component, the risk level was moderate but high risk issues still found out. Using the system simultaneously nationwide causing system crashes and processing a large amount of data at a time prolonging data processing time. Another component that had moderate risk level was information technology infrastructure. The issue posing high risk level was limited number of personnel causing ineffective maintenance of computers, telecommunication equipment, and computer networks. Although the risk level of the issues related to internal controls and security measures was in a moderate range, issues with high risk level were pointed out. Insufficient user identifications (IDs) leading to work cessation or delay, limited number of user IDs for each department contributed to high risk level as it led to damages caused by employees of different departments sharing user IDs. Furthermore, limited number of user IDs also made it difficult to identify that which employees did it. For the risk prioritization of the six components of accounting information system revealed that software had highest risk level comparing to the other components. As the system is used simultaneously throughout the country, data processing could be congested or delayed. Consequently, the system should be frequently evaluated and developed in order to enhance its efficiency.