Risk management framework with COBIT 5 and risk management framework for cloud computing integration

Khrisna, Akbar; Harlili,

doi:10.1109/icaicta.2014.7005923

Cited by 10 publications

(9 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…One of the frameworks that has been emerging in recent years is the COBIT whose new COBIT 2019 full release will be published by December 2018. This Framework, as extensively documented by the academic literature (Lainhart IV, 2000;Ridley et al, 2004;Khrisna, 2014;Rubino & Vitolla, 2014b;Rubino et al, 2017a and b;Javaid & Iqbal, 2017), is specifically oriented towards defining IT controls aimed at ensuring certain information requirements. The model structure is based on a series of processes that help to implement an effective IT governance system which produces benefits also on the internal control and risk management system.…”

Section: The Risk Framework' Limitations and Weaknesses: The Role Ofmentioning

confidence: 99%

A Comparison of the Main ERM Frameworks: How Limitations and Weaknesses can be Overcome Implementing IT Governance

Rubino¹

2018

IJBM

View full text Add to dashboard Cite

The significance of the Enterprise Risk Management (ERM) is widely recognized by the academic and professional literature. Knowledge and management of business risks are an integral part of every successful business strategy and are increasingly becoming a primary factor of competitiveness. Although several risk management frameworks have been published and updated over time, these standards still have limitations. The advent of IT helped companies to better manage business risks. The rise of the IT governance has improved the management and the monitoring of business processes as well as the implementation of policies and procedures. The aim of this paper is twofold. First, a comparative analysis of the main risk management frameworks was carried out, highlighting their limits and weaknesses. Second, it was highlighted how the IT governance and the related frameworks as COBIT could contribute to a better implementation of the risk management process that allows to overcome the limitations of the examined standards.The significance of the Enterprise Risk Management (ERM) is widely recognized by the academic and professional literature. Knowledge and management of business risks are an integral part of every successful business strategy and are increasingly becoming a primary factor of competitiveness. Although several risk management frameworks have been published and updated over time, these standards still have limitations. The advent of IT helped companies to better manage business risks. The rise of the IT governance has improved the management and the monitoring of business processes as well as the implementation of policies and procedures. The aim of this paper is twofold. First, a comparative analysis of the main risk management frameworks was carried out, highlighting their limits and weaknesses. Second, it was highlighted how the IT governance and the related frameworks as COBIT could contribute to a better implementation of the risk management process that allows to overcome the limitations of the examined standards.

show abstract

Section: The Risk Framework' Limitations and Weaknesses: The Role Ofmentioning

confidence: 99%

A Comparison of the Main ERM Frameworks: How Limitations and Weaknesses can be Overcome Implementing IT Governance

Rubino¹

2018

IJBM

View full text Add to dashboard Cite

show abstract

“…Paradigma baru yang diusung oleh cloud computing terkait layanan TIK antara lain : reduksi biaya, fleksibilitas layanan yang tinggi, dan metode akses yang dapat dilakukan dimana saja, kapan saja, dan menggunakan perangkat apa saja (Avram, 2014;Frantsvog, Seymour, & John, 2012;Hsu, Ray, & Li-Hsieh, 2014;Tim Mell, 2009;Zissis & Lekkas, 2011). Hal tersebut dapat menjadi pendorong pemerintah untuk segera melakukan adopsi cloud computing (Zhang & Chen, 2010 (Samani, Honan, & Reavis, 2015), terlebih cloud computing adalah salah satu skema dari outsourcing TIK sehingga manajemen risiko yang tepat harus segera dilaksanakan (Paquette, Jaeger, & Wilson, 2010;Yaumi & Kridanto, 2012 (Susanto, Almunawar, & Tuan, 2011 Research (Hevner, March, Park, & Ram, 2004;Khrisna & Harlili, 2014 memungkinkan kapabilitas dari sisi pengguna dapat dikelola secara langsung .…”

Section: Salah Satu Key Factor Dalam Indikator Networkunclassified

Manajemen Risiko Infrastruktur Cloud Pemerintah Menggunakan Nist Framework Studi Kasus Lembaga Ilmu Pengetahuan Indonesia (LIPI)

Prabowo

Widyawan²,

Setiawan³

et al. 2017

jppi

View full text Add to dashboard Cite

AbstrakLembaga Ilmu Pengetahuan Indonesia (LIPI) sejak tahun 2015 telah menggunakan teknologi cloud computing sebagai pengganti infrastruktur data center yang mengalami kerusakan. Setiap penerapan teknologi baru, organisasi dihadapkan berbagai peluang dan risiko yang dapat mempengaruhi kinerja organisasi tersebut. Terlebih cloud computing merupakan salah satu skema outsourcing TIK sehingga manajemen risiko yang tepat harus dilaksanakan. Tujuan penelitian ini adalah melakukan manajemen risiko terhadap penggunaan teknologi cloud computing menggunakan framework yang tepat sehingga manfaat dari teknologi tersebut dapat diperoleh secara maksimal. Penelitian ini menggunakan framework NIST SP800-37 revision 1 Guide for Applying the Risk Management Framework to Federal Information Systems. Pemilihan framework ini karena dari hasil analisis framework ini paling sesuai dengan kondisi LIPI. Selain itu framework ini telah diadaptasi untuk bisa menyesuaikan dengan lingkungan cloud. Hasil dari penelitian yang telah terlaksana sampai tahap ketiga adalah tersusunnya rencana keamanan yang merupakan bagian dari proses manajemen risiko. Diharapkan rencana keamanan yang berisi kategorisasi sistem informasi, tipe informasi, dan kontrol keamanan yang terpilih dapat diimplementasikan sehingga keamanan lingkungan cloud dapat terjamin.

show abstract

“…The enterprise will be able to identify its weakness and strength for each factor, and then build and prepare plan that can help them to make appropriate decision toward a successful adoption of Cloud Computing [35]. Cloud computing's risks can bring negative effects on any companies or organizations, therefore an effective risk management is needed to balance the operational and financial cost as well as proactive actions to secure data, information systems and technologies [27]. Understanding the true potential of mobile cloud computing and identifying issues with mobile cloud security, privacy, feasibility and accessibility remain a major concern for both the customers and the enterprises [36].…”

Section: Classification Of Critical Cloud Security Issues Based On CLmentioning

confidence: 99%

Classification of Critical Cloud Computing Security Issues for Banking Organizations: A Cloud Delphi Study

Elzamly¹,

Hussin²,

Basari³

2016

IJGDC

View full text Add to dashboard Cite

show abstract

Risk management framework with COBIT 5 and risk management framework for cloud computing integration

Cited by 10 publications

References 5 publications

A Comparison of the Main ERM Frameworks: How Limitations and Weaknesses can be Overcome Implementing IT Governance

A Comparison of the Main ERM Frameworks: How Limitations and Weaknesses can be Overcome Implementing IT Governance

Manajemen Risiko Infrastruktur Cloud Pemerintah Menggunakan Nist Framework Studi Kasus Lembaga Ilmu Pengetahuan Indonesia (LIPI)

Classification of Critical Cloud Computing Security Issues for Banking Organizations: A Cloud Delphi Study

Contact Info

Product

Resources

About