Authors:
Misael Sousa de Araujo
1
;
Edgard Costa Oliveira
2
;
Simone Borges Simão Monteiro
2
and
Tharcísio Marcos Ferreira de Queiroz Mendonça
1
Affiliations:
1
Fundação Oswaldo Cruz, Brazil
;
2
Universidade de Brasília, Brazil
Keyword(s):
Enterprise Risk Management, IT Governance, Maturity Model, Evaluation Artifact.
Abstract:
Information plays a fundamental role throughout an enterprise architecture, figuring as a strategic component to fulfill its business processes. The application of IT Risk Management models is a key success factor to reach organizations goals. However, just by adopting risk management practices is not enough to guarantee the expected benefits. Organizations face a growing need to know how efficient their business processes are, including its risk management processes, so that an efficiency degree can be stated in a determined scale, by knowing existing deficiencies, and to make an improvement plan to raise process quality and to compare its performance with other similar enterprises. Due to the diversity of maturity models and their characteristics, this paper developed a comparative study between the main maturity models of the market, in which it was possible to define, with the help of the decision technique AHP – Analytic Hierarchy Process, the process evaluation model of COBIT 4
.1 to measure risk management of IT maturity in modern enterprises.
(More)