Autoavaliação da governança de TI em uma autarquia federal com base na gestão de riscos

This research was developed in a Federal Autarchy (FA) and the aims is to analyze an Information Technology (IT) contract of the institution and make simulations based on risk management, the capacity level of Governance of Information Technology (GIT), to identify improvement opportunities that will serve as subsidies to upgrade the Governance Index of Information Technology (GovIIT) of the FA. The research strategy used was a study case, along with qualitative and quantitative approaches, and with respect to data were collected through interviews and documents. For the application of research in the context of IT coordination was prioritized an IT contract and analyzed its processes involving contract management in accordance with the Normative Instruction (NI) 04/2014, vulnerabilities, suggestions for improvement and prioritizing service IT were pointing at greatest risk in the contractual transition, through the Analytic Hierarchy Process (AHP) method. Then applied to risk management technique linking GIT auditing and IT service management processes that are embedded by the Service Desk contract. The results were traced actions/recommendations for prioritized risks. It was developed a computer simulation based on the GIT questionnaire of the Federal Court of Accounts (FCA) to measure a prior the impact of treatment of the risks identified by Failure Mode and Effect Analysis (FMEA) technical and to assist in the self-assessment the GovIIT.