A Maturity Model for Assessing IS Risk Management Activity Considering the Dependencies Between Its Elements

Elmaallam, Mina; Bensaid, Hicham; Kriouile, Abdelaziz

doi:10.5539/cis.v12n1p98

Cited by 3 publications

(2 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Algorithm 1 provides a full description of the "Path Prerequisites" algorithm. (Elmaallam et al, 2019) aims to evaluate Information System (IS) risk management. An IS is defined as a special case of work system (Alter and Sherer, 2004).…”

Section: Improvement Plan Definition Algorithm: "Path Prerequisites"mentioning

confidence: 99%

See 1 more Smart Citation

An Algorithm To Determine The Maturity Improvement Plan For Information System Risk Management. Application On A Case Study

Amraoui¹,

Elmaallam²,

Bensaid³

2019

Journal of Computer Science

Self Cite

View full text Add to dashboard Cite

A good and relevant Risk Management process is a key issue when Information System effective governance is concerned. Therefore, several paradigms have been devised to help achieving such goal. Among these paradigms, maturity models are quite popular. The main aim of a maturity model is to help users improve their activities capability. However, one of the major challenges encountered when using these models is the definition of the improvement plan after the evaluation. This challenge is all the stronger and costly when it comes to an activity whose elements or phases have an important interdependence such as IS risk management. In this article, we propose an algorithm called "Path Prerequisites" to help users define a graduate improvement plan, easily and efficiently, from a given maturity level to a target one, while handling criteria dependencies constraints. The algorithm is based on an acyclic graph representation of the control objectives and the dependencies among them and it corresponds to a guided (backwards) traversal of the graph. We assess the algorithm by applying it to a study case.

show abstract

Section: Improvement Plan Definition Algorithm: "Path Prerequisites"mentioning

confidence: 99%

“…Section three introduces the "Path Prerequisites" algorithm. Section four illustrates the "demonstration and evaluation" phases which are an application of the "Path Prerequisites" algorithm to the model "ISR3M" (Elmaallam et al, 2019), a maturity model for assessing the information system risk management. Section five concludes.…”

Section: Introductionmentioning

confidence: 99%