2010
DOI: 10.1007/s10796-010-9235-3
|View full text |Cite
|
Sign up to set email alerts
|

RiskM: A multi-perspective modeling method for IT risk assessment

Abstract: Stakeholder involvement and participation are widely recognized as being key success factors for IT risk assessment. A particular challenge facing current IT risk assessment methods is to provide accessible abstractions on matters of IT risk that attend to both managerial and technical perspectives of the stakeholders involved. In this paper, we investigate whether a conceptual modeling method can address essential requirements in the IT risk assessment domain, and which structural and procedural features such… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
28
0

Year Published

2011
2011
2023
2023

Publication Types

Select...
6
3
1

Relationship

1
9

Authors

Journals

citations
Cited by 50 publications
(28 citation statements)
references
References 31 publications
0
28
0
Order By: Relevance
“…This study introduces a semantic annotation approach for process models and the ability to model preconditions and effects of tasks within a process (Hoffmann et al, 2012). On a similar note Strecker et al (2011) suggest a modelling approach and a process for the assessment of IT risks. Other aspects of GRC systems examined in the literature are the governance of outsourcing relationships (Ali & Green, 2012) and process management systems requirements to support semantic constraints as well as the criteria that enable integrated compliance support through the entire process lifecycle (Ly, Rinderle-Ma, Göser, & Dadam, 2012).…”
Section: Prior Research On Grcmentioning
confidence: 99%
“…This study introduces a semantic annotation approach for process models and the ability to model preconditions and effects of tasks within a process (Hoffmann et al, 2012). On a similar note Strecker et al (2011) suggest a modelling approach and a process for the assessment of IT risks. Other aspects of GRC systems examined in the literature are the governance of outsourcing relationships (Ali & Green, 2012) and process management systems requirements to support semantic constraints as well as the criteria that enable integrated compliance support through the entire process lifecycle (Ly, Rinderle-Ma, Göser, & Dadam, 2012).…”
Section: Prior Research On Grcmentioning
confidence: 99%
“…This research focuses on the GRC in the environmental management area. The last paper of the GRC special issue closes with a modelling approach of risks and a process for the assessment of IT risks (Strecker et al 2011).…”
Section: The Grc Concept and Frameworkmentioning
confidence: 99%
“…5, are based on the MEMO approach. Thus the present models are illustrated presuming modelling languages and notation of the MEMO language family, for instance, for strategic, organisational, and IT landscape modelling [11,14] as well as specific extensions like for risk or indicator modelling [27,28]. It is, however, important to note that shown diagrams and meta models are not intended to predetermine a specific enterprise modelling approach; instead, they serve as an illustration of principle application and design decisions in context of enterprise model-based ITSM.…”
Section: Outline Of Em-based It Service Managementmentioning
confidence: 99%