Open Access Open Access  Restricted Access Subscription Access

Towards a Model of Maturity for is Risk Management


Affiliations
1 SIME Lab., ENSIAS, Rabat, Morocco
 

The risk management is an indispensable discipline for any organisation to acheive its objectives. As the IS (Information Systems) are key assets for organisations, managing IS risks becomes more and more important especially within a world in perpetual change. Since IS risk management creates plus value, it must follow a process of continuous improvement orchestrated by a model of maturity indicating in every time the runways of improvement. The studied literature shows the lack of a model that treat the maturity of the IS risk management and that consider all IS components. The present article has for purpose to initiate reflexion around this area and deliver a model of IS risk management maturity. First, we indicate IS definition that will fix the scope (All things concerned by IS risk management). Second, we define the IS risk management process that will fix the way (Activities used in IS risk manaegement). Third, we develop the maturity model for IS risk management. At the end, we conclude with perspectives opened to this work.

Keywords

Information System, Risk, Risk Management, Model of Maturity, Life Cycle.
User
Notifications
Font Size

Abstract Views: 296

PDF Views: 137




  • Towards a Model of Maturity for is Risk Management

Abstract Views: 296  |  PDF Views: 137

Authors

Mina Elmaallam
SIME Lab., ENSIAS, Rabat, Morocco
Abdelaziz Kriouile
SIME Lab., ENSIAS, Rabat, Morocco

Abstract


The risk management is an indispensable discipline for any organisation to acheive its objectives. As the IS (Information Systems) are key assets for organisations, managing IS risks becomes more and more important especially within a world in perpetual change. Since IS risk management creates plus value, it must follow a process of continuous improvement orchestrated by a model of maturity indicating in every time the runways of improvement. The studied literature shows the lack of a model that treat the maturity of the IS risk management and that consider all IS components. The present article has for purpose to initiate reflexion around this area and deliver a model of IS risk management maturity. First, we indicate IS definition that will fix the scope (All things concerned by IS risk management). Second, we define the IS risk management process that will fix the way (Activities used in IS risk manaegement). Third, we develop the maturity model for IS risk management. At the end, we conclude with perspectives opened to this work.

Keywords


Information System, Risk, Risk Management, Model of Maturity, Life Cycle.