IT risk management framework for business continuity by change analysis of information system

2012 ◽  
Author(s):  
Masaki Samejima ◽  
Hiroshi Yajima
Keyword(s):  
Information System ◽  
Risk Management ◽  
Business Continuity ◽  
Change Analysis ◽  
Management Framework ◽  
It Risk Management ◽  
Risk Management Framework ◽  
It Risk

Research on Integrated Risk Management Framework of Manufacturing Engineering Project

2011 ◽  
Vol 323 ◽  
pp. 217-221 ◽  
Author(s):  
Yun Li Gao ◽  
Qing Chun Wang
Keyword(s):  
Information System ◽  
Risk Management ◽  
Life Cycle ◽  
Risk Identification ◽  
Engineering Project ◽  
Management Framework ◽  
Risk Management Framework ◽  
Integrated Risk ◽  
Integrated Risk Management ◽  
Total Life

As the scale of investment on projects increases, manufacturing project integrated risk management becomes more important. The content and relationship of the integrated risk manufacturing management framework are discussed in the paper. The framework is composed of five parts which are the integration of risk management targets, total life cycle, processes and methods, organization and information system. In the different phase of total life cycle, depending on the risk management information system, project risk management organization who is in the form of virtue team promotes the risk management loop which is composed of the risk identification, risk evaluation, risk handling and risk monitoring (IEHM), to achieve the project targets. The integrated risk management framework is presented by the systematic method. The framework provides the basis for further development of integrated risk management.

scholarly journals Analisis Manajemen Risiko Startup pada Masa Pandemi COVID-19 Menggunakan COBIT® 2019

2021 ◽  
Vol 8 (3) ◽  
pp. 635
Author(s):  
Dio Febrilian Tanjung ◽  
Aulia Oktaviana ◽  
Aris Puji Widodo
Keyword(s):  
Information Technology ◽  
Risk Management ◽  
Qualitative Method ◽  
Business Processes ◽  
Business Continuity ◽  
Business Success ◽  
It Risk Management ◽  
Corporate Business ◽  
A Company ◽  
It Risk

<p>Perkembangan <em>startup </em>berbasis teknologi informasi (TI) semakin meningkat dewasa ini. Sebagai penunjang keberhasilan bisnis perusahaan, TI memiliki risiko yang timbul di berbagai keadaan terutama di era pandemi COVID-19. Salah satu alternatif yang dapat dimanfaatkan untuk mengelola dan menjamin usaha yang lebih kondusif dan kredibel yaitu manajemen risiko yang tepat. Hal ini karena manejemen risiko menjadi hal yang penting pada bisnis dalam meningkatkan keuntungan dan mempertahankan kontinuitas bisnis, terutama dalam kondisi pandemi COVID-19. Pembahasan manajemen risiko TI secara umum sudah cukup banyak, namun penelitian manajemen risiko dalam menghadapi masa pandemi perlu dipertimbangkan. Hal ini dikarenakan pada masa pandemi ini, TI menjadi salah satu kunci agar bisnis dapat bertahan dan memenangkan kompetisi. Selain itu, pandemi COVID-19 termasuk dalam kasus luar biasa yang belum pernah terjadi dalam kurun waktu ratusan tahun, sehingga secara teknis risiko dari pandemi ini termasuk dalam risiko yang tidak terpikirkan sebelumnya oleh perusahaan. Tujuan penelitian ini untuk mengidentifikasi kondisi implementasi manajamen dan ancaman risiko terhadap proses bisnis pada sebuah perusahaan <em>startup </em>terutama di masa pandemi. Penelitian ini menggunakan metode kualitatif dengan mengacu pada COBIT® 2019 fokus domain DSS04 <em>Manage Continuity </em>dengan melakukan observasi awal terhadap kondisi perusahaan dan wawancara terhadap pemangku kepentingan perusahaan. Hasil penelitian menunjukkan bahwa perusahaan telah melakukan penyesuaian terhadap kebutuhan bisnis selama masa pandemi COVID-19 untuk memastikan keberlangsungan bisnis. Namun dalam pelaksanaannya belum ada pengukuran <em>risk management</em> untuk mengontrol apakah manajemen risiko yang dijalankan sudah tepat, sehingga diperlukan penerapan COBIT® 2019 dalam tata kelola bisnis perusahaan.</p><p> </p><p><em><strong>Abstract</strong></em></p><p><em>The development of information technology (IT) based startups is increasing nowadays. To support the company's business success, IT has risks arising from various circumstances, especially in the era of the COVID-19 pandemic. One alternative that can be used to manage and ensure a conducive and credible business is proper risk management. This is because risk management is important for businesses in increasing profits and maintaining business continuity, especially in the conditions of the COVID-19 pandemic. There is a lot of discussion about IT risk management in general, but research on risk management in dealing with the pandemic needs to be considered. This is because during this pandemic, IT is one of the keys for businesses to survive and win the competition. In addition, the COVID-19 pandemic is included in an extraordinary case that has not occurred in hundreds of years, so that technically the risks from this pandemic are included in risks that were not thought of before by the company. The purpose of this study is to identify the conditions of management implementation and risk threats to business processes at a company startup, especially during the pandemic. This study uses a qualitative method with reference to COBIT® 2019 focused on the DSS04 Manage Continuity domain by conducting initial observations of the company's condition and interviews with company stakeholders. The results show that the company has made adjustments to business needs during the COVID-19 pandemic to ensure business continuity. However, in practice there is no risk management measurement to control whether the risk management is carried out properly, so it is necessary to implement COBIT® 2019 in corporate business governance.</em></p><p><em><strong><br /></strong></em></p>

scholarly journals Business Process Assessment with Balanced Scorecard and Framework COBIT

2018 ◽  
pp. 221-228
Author(s):  
Harryston Nagata ◽  
Johanes Fernandes Andry
Keyword(s):  
Information System ◽  
Risk Management ◽  
Business Process ◽  
Balanced Scorecard ◽  
Process Assessment ◽  
Balance Scorecard ◽  
It Risk Management ◽  
Business Goals ◽  
Internal Business Process ◽  
It Risk

Manufacturing company is the company that produces household appliances based on plastic / plastic houseware, this company has applied information system but there is often problem in sales department that is when processing of data discount, data obtained wrong and not according to which have been determined. Therefore, the author is given the task to audit the information system on the company. The author uses the COBIT and Balance Scorecard framework, the COBIT domain used is the Plan and Organize (PO) and Acquire and Implement (AI), in the PO Domain the author uses PO4 sub-domains (Define the IT Processes, Organization and Relationships) Communications management aims and direction) and PO 9 (Assess and Manage IT risks) whereas in AI Domain used is AI4 (Enable Operation and Use), Balanced Scorecard Perspective used in this research is Internal Business Process, which focuses on business process assessment company and business goals have been in line with IT goals. The results from this research is still many deficiencies that exist in company especially at risk management of IT proven and IT risk management that have not managed maximally so that can be developed in the future.

scholarly journals Measurement of IT Risk Management Maturity Level in CEC Using IT Domain Risk Governance Framework

2021 ◽  
Vol 6 (1) ◽  
pp. 42-48
Author(s):  
Annas Iswahyudi
Keyword(s):  
Risk Management ◽  
Risk Governance ◽  
Maturity Model ◽  
It Risk Management ◽  
Risk Management Framework ◽  
Information Technology Services ◽  
Technology Services ◽  
Risk Framework ◽  
The Impact ◽  
It Risk

IT Risk Management has long been adopted and implemented in CEC. This is inseparable from the high need for reliable and trusted information technology services at CEC as a government institution that has primary task for eradicating corruption. With a good IT risk management is expected to reduce the impact if the IT risk occurs and impacted to overall business process in CEC. However, up to 15 years after the implementation of IT risk management has never been measured how the level of IT maturity risk management. In this research, Author will use the IT Risk Framework with the risk governance domain approach as a standard IT risk management framework to evaluate the implementation of IT risk management in CEC. The process of evaluating the level of IT maturity is based on the maturity model that has been defined in the IT risk framework.

A Hybrid Asset-Based IT Risk Management Framework

2021 ◽  
pp. 236-253
Author(s):  
Baris Cimen ◽  
Meltem Mutluturk ◽  
Esra Kocak ◽  
Bilgin Metin
Keyword(s):  
Risk Management ◽  
Information Security ◽  
Quantitative Methods ◽  
Security Risks ◽  
Management Framework ◽  
Qualitative And Quantitative Methods ◽  
Risk Management Framework ◽  
Analysis Methodology ◽  
Business Goals ◽  
It Risk

Information security has become one of the most important responsibilities of all organizations due to increasing cyber threats. Attackers take advantage of systems vulnerabilities; therefore, system administrators should be aware of potential threats to take necessary actions to protect their organizations and stakeholders. At this point, a risk assessment is needed to discover possible threats for vulnerable systems of the organization and to implement strategies for the business goals. This study proposes a hybrid risk management framework using both qualitative and quantitative methods to analyze risk within organizations and reduce them with practical countermeasures. Based on this framework, case studies have been carried out considering three hypothetical companies identifying possible information security risks, and these risks have been reduced to an acceptable level by applying the proposed risk analysis methodology.

A Hybrid Asset-Based IT Risk Management Framework

2022 ◽  
pp. 56-76
Author(s):  
Baris Cimen ◽  
Meltem Mutluturk ◽  
Esra Kocak ◽  
Bilgin Metin
Keyword(s):  
Risk Management ◽  
Information Security ◽  
Quantitative Methods ◽  
Security Risks ◽  
Management Framework ◽  
Qualitative And Quantitative Methods ◽  
Risk Management Framework ◽  
Analysis Methodology ◽  
Business Goals ◽  
It Risk

Information security has become one of the most important responsibilities of all organizations due to increasing cyber threats. Attackers take advantage of systems vulnerabilities; therefore, system administrators should be aware of potential threats to take necessary actions to protect their organizations and stakeholders. At this point, a risk assessment is needed to discover possible threats for vulnerable systems of the organization and to implement strategies for the business goals. This study proposes a hybrid risk management framework using both qualitative and quantitative methods to analyze risk within organizations and reduce them with practical countermeasures. Based on this framework, case studies have been carried out considering three hypothetical companies identifying possible information security risks, and these risks have been reduced to an acceptable level by applying the proposed risk analysis methodology.

Risk Management Model in ITIL

2013 ◽  
pp. 207-214
Author(s):  
Sarah Vilarinho ◽  
Miguel Mira da Silva
Keyword(s):  
Risk Management ◽  
Best Practice ◽  
Service Management ◽  
Management Model ◽  
Business World ◽  
Management Framework ◽  
It Service ◽  
Risk Management Framework ◽  
Future Work ◽  
It Risk

ITIL is considered a framework of Best Practice guidance for IT Service Management, and it is widely used in the business world. In spite of this, ITIL has some gaps in Risk Management specification. This chapter approaches this problem in ITIL and compares IT risk management in ITIL to other IT Governance Frameworks. Despite ITIL stating that risk should be identified, measured, and mitigated, it is not clear on how to proceed (no concrete process is defined on how to deal with risk). To solve this, the authors propose to map the M_o_R risk management framework in ITIL, mapping every M_o_R process in ITIL, therefore adopting a strong risk management in ITIL, based on concrete guidelines, without changing the framework. In this chapter, the authors summarize the necessary guidelines and show a planning for future work.

Sign in / Sign up

Export Citation Format

Share Document