scholarly journals Measurement of IT Risk Management Maturity Level in CEC Using IT Domain Risk Governance Framework

2021 ◽  
Vol 6 (1) ◽  
pp. 42-48
Author(s):  
Annas Iswahyudi
Keyword(s):  
Risk Management ◽  
Risk Governance ◽  
Maturity Model ◽  
It Risk Management ◽  
Risk Management Framework ◽  
Information Technology Services ◽  
Technology Services ◽  
Risk Framework ◽  
The Impact ◽  
It Risk

IT Risk Management has long been adopted and implemented in CEC. This is inseparable from the high need for reliable and trusted information technology services at CEC as a government institution that has primary task for eradicating corruption. With a good IT risk management is expected to reduce the impact if the IT risk occurs and impacted to overall business process in CEC. However, up to 15 years after the implementation of IT risk management has never been measured how the level of IT maturity risk management. In this research, Author will use the IT Risk Framework with the risk governance domain approach as a standard IT risk management framework to evaluate the implementation of IT risk management in CEC. The process of evaluating the level of IT maturity is based on the maturity model that has been defined in the IT risk framework.

Board and Management-Level Factors Affecting the Maturity of IT Risk Management Practices

2018 ◽  
Vol 33 (3) ◽  
pp. 117-135
Author(s):  
Nishani Edirisinghe Vincent ◽  
Julia L. Higgs ◽  
Robert E. Pinsker
Keyword(s):  
Risk Management ◽  
Internal Control ◽  
Management Practices ◽  
Factors Affecting ◽  
Management Level ◽  
It Risk Management ◽  
Top Managers ◽  
Risk Oversight ◽  
The Impact ◽  
It Risk

ABSTRACT The Securities and Exchange Commission's 2009 enhanced proxy disclosure requirements and the updated Committee of Sponsoring Organizations' (COSO) Internal Control Framework have caused organizations to increase their focus on risk management and consider the impact of information technology (IT) in enterprise risk management. Our study examines whether board involvement, board expertise, and top management's risk culture affect the maturity of IT risk management practices (maturity) in firms. We find that board involvement positively influences maturity while top managers' risk-taking behavior is associated with lower maturity. Even though board expertise influences maturity, board involvement is more important in explaining maturity. Maturity is higher in firms where risk oversight lies with a board-level, rather than a management, committee. However, the maturity of ITRM practices does not differ among firms whether risk oversight lies with the overall board, or any other board committee. The findings contribute to an under-researched area in IT governance.

Kendala Manajemen Risiko Teknologi Informasi Pada Kasus Skimming ATM Bank X

2019 ◽  
Vol 10 (1) ◽  
pp. 107-120
Author(s):  
Wahyu Firmandani ◽  
M. Malik
Keyword(s):  
Risk Management ◽  
Risk Evaluation ◽  
Best Practice ◽  
Risk Governance ◽  
Risk Awareness ◽  
Risk Response ◽  
It Risk Management ◽  
Study Approach ◽  
Governance Risk ◽  
It Risk

Abtract. The purpose of this study is to analyze the IT risk management constraints resulting in the appearance of Bank X ATM ATMs to anticipate similar events. The research method used in this study is qualitative with case study approach to deeply explore the constraints faced by Bank X in accordance with best practice RiskIT Framerowk by considering the three domains namely Risk Governance, Risk Evaluation, and Risk Response. The conclusions of this study are that Bank X has implemented IT risk management in accordance with the RIskTI Framework but there are still some weaknesses in governance processes, evaluation processes and the response processes, that are the MR Functional hierarchy and culture risk awareness, alignment of enterprise risk evaluation processes with risk based on audit processes, and constraints on the magnetic strip card migration process.Keywords. ATM (Authomatic Teller Machine), RiskIT Framework, Risk Management Constraints. Abstrak. Tujuan penelitian ini adalah menganalisis kendala manajemen risiko TI yang mengakibatkan munculnya kasus skimming ATM Bank X untuk mengantisipasi kejadian serupa tidak terjadi lagi. Metode penelitian yang digunakan dalam penelitian ini adalah kualitatif dengan pendekatan studi kasus untuk menggali secara mendalam kendala yang dihadapi Bank X sesuai dengan best practice RiskIT Framerowk dengan mempertimbangkan ketiga domain yakni Risk Governance, Risk Evaluation, and Risk Response. Kesimpulan dari penelitian ini adalah Bank X telah menerapkan manajemen risiko TI sesuai dengan RIskTI Framework namun masih terdapat beberapa kelemahan pada proses tata kelola, pemanfaatan perangkat manajemen risiko operasional dan tindaklanjut (respon) atas kasus skimming ATM Bank X, yakni pada hierarki Fungsi MR dan budaya risk awareness, keselarasan proses evaluasi risiko perusahaan dengan risk based pada proses audit, dan kendala pada proses migrasi kartu magnetic strip. Kata Kunci: ATM (Authomatic Teller Machine), Framework RiskIT, Kendala Manajemen Risiko.

scholarly journals IT Risk Management Maturity Model for SOA

2021 ◽  
Vol 174 (30) ◽  
pp. 25-32
Author(s):  
Rafael de Almeida Azevedo ◽  
Paulo Caetano da Silva ◽  
André Magno de Costa Araújo
Keyword(s):  
Risk Management ◽  
Maturity Model ◽  
It Risk Management ◽  
It Risk

A Step-by-Step Procedural Methodology for Improving an Organization's IT Risk Management System

2018 ◽  
pp. 236-257
Author(s):  
Shanmugapriya Loganathan
Keyword(s):  
Risk Management ◽  
Data Security ◽  
Vital Role ◽  
Transfer System ◽  
Business Systems ◽  
It Risk Management ◽  
It Organization ◽  
Security Network ◽  
Business Cost ◽  
It Risk

Risks in IT are described as a form of threat in context with data security, network transfer, system scheduled processes, critical applications, and business procedures. IT risk management is broadly defined as the process of managing IT risks, and must be executed on a regular basis. It is neither a product nor a purchase, but a policy of an organization implements to protect its business systems. Managing IT risk plays a vital role in administering any business in today's world. Irrespective of the business, deep knowledge of IT risk leads to increased data security, reduced business cost, and greater compliance. This chapter deals with methodologies to improve risk management in an IT organization, their impact, and some examples.

Global IT Risk Management Strategies

2008 ◽  
pp. 285-298 ◽  
Author(s):  
Chrisan Herrod
Keyword(s):  
Risk Management ◽  
Financial Risk ◽  
Best Practice ◽  
New Technologies ◽  
Management Strategies ◽  
Regulatory Compliance ◽  
It Risk Management ◽  
Reputational Risk ◽  
Risk Management Strategies ◽  
It Risk

This chapter describes why it is important for organizations to develop and implement an IT risk management function and use best practice risk assessment methodologies that provide a standard to measure and assess risk within organizations. Information technology risk management is a significant new function that can help companies achieve world class IT service. IT risk management includes regulatory compliance, information security, disaster recovery, and project risks. IT risk management should be part of a company’s risk management strategy on an equal footing with financial risk management and reputational risk management. As the complexity of IT infrastructures increases and as businesses continue to rely upon the Internet as the communication backbone for e-business, the associated risks increase. For these reasons, deciding upon and implementing a risk management process and a standard methodology will greatly reduce the risks associated with the introduction of new technologies that support the mission of the business.

Sign in / Sign up

Export Citation Format

Share Document