A Novel Approach for Optimizing Governance, Risk management and Compliance for Enterprise Information security using DEMATEL and FoM

Dharmalingam, Ramalingam; Arun, Shivasankarappa; Anbazhagan, N.

doi:10.1016/j.procs.2018.07.197

Cited by 15 publications

(5 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In addition, carrying out evaluation and monitoring so that SI continues to run as expected must always be done. Talented human resources are also needed to build and develop systems to remain relevant to the alignment of established business strategies and processes [36], [41], [42], [44].…”

Section: Managerial Implicationmentioning

confidence: 99%

Analysis of the Implementation GRC Information System in Supporting Performance Optimization

Adisuria

Jayadi

2023

JOISM

View full text Add to dashboard Cite

The Integrated Governance and Compliance Risk Information System (SIGRC) is critical in helping institutions achieve their goals and deal with uncertainty. An Indonesian Government Agency (IGA) has used SIGRC for years. However, its utilization is still unknown. This research studies the impact of acceptance and utilization of SIGRC using Delone McLean and Unified Technology Acceptance and Use Technology. The conclusion is that the relationship between use and net benefits is unaffected. User intention on use, performance expectations on user intention, use on user satisfaction, and user satisfaction on the net benefit of SIGRC benefits are five factors that influence user satisfaction. While the expectation of use intention (ITU). Information quality with ITU. Quality of service with the use of ITU. Service quality with user satisfaction, system quality with ITU, and system quality with user satisfaction all have an influence but are not significant. This research is expected as a guideline for others to evaluate the effectiveness of SIGRC's performance. Keywords: GRC Software, Delone & Mclean, UTAUT, Decision Support System, Evaluation Information System

show abstract

Section: Managerial Implicationmentioning

confidence: 99%

Analysis of the Implementation GRC Information System in Supporting Performance Optimization

Adisuria

Jayadi

2023

JOISM

View full text Add to dashboard Cite

show abstract

“…(Siedler et al, 2020) Reassessment of compliance-related Key Risk Indicators (KRIs) is required in response to changes in the external world (Stratigaki et al, 2016) Key Risk Indicators (KRIs) in the compliance sphere describe and pinpoint dangers associated with the financial institutions breaking the law. It can be used independently or with other fixed events linked to specific business risks, like governance risk (Brandis et al, 2019; Junior Nascimento da Silva et al, 2017;Ramalingam et al, 2018) To protect the business from risks to its image, legal liability, and other factors, these Key Risk Indicators must be reviewed on a regular basis.…”

Section: Kpismentioning

confidence: 99%

Business KPIs Based on Compliance Risk Estimation

Cernisevs,

Popova,

Cernisevs

2023

JoTS

View full text Add to dashboard Cite

The issue of KPI selection is urgent for sustainable business organization including the financial sector. There are numerous studies devoted to KPIs; however, the European Central Bank (European Central Bank, 2023) insists on the necessity of revising the methodology to improve it and make it based on risk and behavior aspects. This research is an attempt to meet the new vision of the ECB. The authors develop a new approach to the selected KPIs of financial institutions on the basis of risk indicators. The PLS-SEM method was used to construct and test the model, representing the company's compliance function and considering various risk categories. The significant relationship between compliance procedures and risk factors was confirmed by the constructed model. The study results not only meet the ECB's new approach but also contribute to the scientific area of choosing sustainable indicators for sustainable business. Empirical analyses from the study decisively highlighted a pronounced correlation between strict compliance with the established rules and proficient risk management practices. In tandem with the ECB's guiding principles, the conclusions derived from this research not only complement the existing body of knowledge but also offer a novel perspective on the essence of the KPI selection. Conclusively, this research confirms the significance of risk-aware KPIs in guiding financial entities toward a trajectory of sustained excellence and growth.

show abstract

“…La investigación se inició mediante la aplicación de los diferentes niveles de negocio de la organización en relación a una arquitectura de TI que fue representada a través de la figura 1. Una arquitectura de TI opera de manera sincronizada entre áreas de gestión y gobierno aislada con el fin de lograr el cumplimiento de las metas de la organización (Ramalingam et al, 2018). La arquitectura de TI se ha convertido en un nexo entre los niveles tácticos y operativos de la organización puesto que permite un alineamiento detallado de los activos, procesos y servicios de TI (Polyvyanyy et al, 2017).…”

Section: Métodosunclassified

Análisis de información de la gestión de incidentes de seguridad en organizaciones

Catanzaro

Quispe

Bujaico

et al. 2022

Puriq

View full text Add to dashboard Cite

Los incidentes de seguridad en una organización se consideran la fuente principal para evaluar la correcta aplicación de los controles de seguridad en organizaciones públicas o privadas. La investigación está basada en el comportamiento de los incidentes ante la participación de controles de tecnologías de información conjuntamente con los procesos formales en las organizaciones. Se utilizaron buenas prácticas de seguridad basadas en las normas internacionales ISO/IEC 27001 e ISO/IEC 27002. Se aplicó la metodología Magerit v3 y técnicas de inteligencia de negocios para integrar y procesar la información obtenida a través de fuentes heterogéneas de información implementadas en las organizaciones bajo estudio. La información obtenida se estableció en 9 controles de seguridad comunes a las organizaciones en estudio aplicados bajo un estudio experimental. El análisis de los datos permitió establecer que el constante monitoreo y supervisión de la aplicación de los controles de seguridad eleva los niveles de seguridad en las organizaciones garantizando la continuidad de los servicios y procesos.

show abstract

A Novel Approach for Optimizing Governance, Risk management and Compliance for Enterprise Information security using DEMATEL and FoM

Cited by 15 publications

References 12 publications

Analysis of the Implementation GRC Information System in Supporting Performance Optimization

Analysis of the Implementation GRC Information System in Supporting Performance Optimization

Business KPIs Based on Compliance Risk Estimation

Análisis de información de la gestión de incidentes de seguridad en organizaciones

Contact Info

Product

Resources

About