Risk Management Maturity Evaluation Artifact to Enhance Enterprise IT Quality

Misael Sousa de Araujo, Edgard Costa Oliveira, Simone Borges Simão Monteiro, Tharcísio Marcos Ferreira de Queiroz Mendonça



Information plays a fundamental role throughout an enterprise architecture, figuring as a strategic component to fulfill its business processes. The application of IT Risk Management models is a key success factor to reach organizations goals. However, just by adopting risk management practices is not enough to guarantee the expected benefits. Organizations face a growing need to know how efficient their business processes are, including its risk management processes, so that an efficiency degree can be stated in a determined scale, by knowing existing deficiencies, and to make an improvement plan to raise process quality and to compare its performance with other similar enterprises. Due to the diversity of maturity models and their characteristics, this paper developed a comparative study between the main maturity models of the market, in which it was possible to define, with the help of the decision technique AHP – Analytic Hierarchy Process, the process evaluation model of COBIT 4.1 to measure risk management of IT maturity in modern enterprises.


