A DEA-Based Approach for Information Technology Risk Assessment through Risk Information Technology Framework
Journal: The International Arab Journal of Information Technology (Vol.13, No. 1)Publication Date: 2016-01-01
Authors : Morteza Hatefi; Mehdi Fasanghari;
Page : 51-58
Keywords : Risk IT framework; risk management; process model; DEA.;
Abstract
The use of Information Technology (IT) in organizations is subject to various kinds of potential risks. Risk management is a key component of project management enables an organization to accomplish its mission(s). However, IT projects have often been found to be complex and risky to implement in organizations. The organizational relevance and risk of IT projects make it important for organizations to focus on ways in order to successfully implement IT projects. This paper focuses on the IT risk management, especially the risk assessment model and proposes a process oriented approach to risk management. To do this end, this paper applies the risk IT framework which has three main domains, i.e., Risk Governance (RG), risk analysis, Risk Response (RR) and 9 key processes. Then, a set of scenarios, which can improve the maturity level of risk IT processes, are considered and the impact of each scenario on the risk IT processes is determined by the expert opinions. Finally, the Data Envelopment Analysis (DEA) is customized to evaluate improvement scenarios and select the best one. The proposed methodology is applied to the Iran Telecommunication Research Centre (ITRC) to improve the maturity level of its IT risk management processes.
Other Latest Articles
- An Intelligent CRF Based Feature Selection for Effective Intrusion Detection
- Logo Recognition Using Deep Learning and Storing Screen Time in MongoDB Database
- STUDY OF INTERACTION BETWEEN TIGECYCLINE AND SULBACTAM
- Lending Club Default Prediction using Naïve Bayes and Decision Tree
- Efficient Transmission of PKI Certificates using EllipticCurve Cryptographyand its Variants
Last modified: 2019-11-13 18:34:54