Open AccessA Maturity Model for Assessing IS Risk Management Activity Considering the Dependencies Between Its Elements
Author(s) -
Mina Elmaallam,
Hicham Bensaid,
Abdelaziz Kriouile
Publication year - 2019
Publication title -
computer and information science
Language(s) - English
Resource type - Journals
eISSN - 1913-8997
pISSN - 1913-8989
DOI - 10.5539/cis.v12n1p98
Subject(s) - maturity (psychological) , computer science , capability maturity model , risk analysis (engineering) , risk management , key (lock) , asset (computer security) , process (computing) , process management , asset management , computer security , business , psychology , developmental psychology , software , finance , programming language , operating system
The information systems (IS) are a key asset for organizations. Therefore, managing IS risks becomes more and more important especially within a world in perpetual change. Since IS risk management creates added-value, it must follow a process of continuous improvement orchestrated by a maturity model that figures out available pathways for a better improvement. The studied literature shows the lack of an IS risk management maturity model that considers all IS components and specificities of risk management activity. The present article shows first this lack in the section related to the comparative analysis of the existing models. Then, it proposes a maturity model to address this issue. The proposed model aims to assess the information system risk management activity while considering the dependencies between its elements.
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom