RiskM: A multi-perspective modeling method for IT risk assessment

Strecker, Stefan; Heise, David R.; Frank, Ulrich

doi:10.1007/s10796-010-9235-3

Cited by 50 publications

(28 citation statements)

References 31 publications

(56 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This study introduces a semantic annotation approach for process models and the ability to model preconditions and effects of tasks within a process (Hoffmann et al, 2012). On a similar note Strecker et al (2011) suggest a modelling approach and a process for the assessment of IT risks. Other aspects of GRC systems examined in the literature are the governance of outsourcing relationships (Ali & Green, 2012) and process management systems requirements to support semantic constraints as well as the criteria that enable integrated compliance support through the entire process lifecycle (Ly, Rinderle-Ma, Göser, & Dadam, 2012).…”

Section: Prior Research On Grcmentioning

confidence: 99%

The Implementation of Governance, Risk, and Compliance IS: Adoption Lifecycle and Enterprise Value

Spanaki

Papazafeiropoulou

2016

Information Systems Management

View full text Add to dashboard Cite

Governance, Risk and Compliance (GRC) has become an emerging field within the IS academic community. Motivated by this research direction, the study capitalizes on the theoretical background of Enterprise Systems (ES) and extends the focus on GRC systems' implementation (enterprise value and lifecycle). Building upon expert views on GRC IS implementation projects, the analysis indicates that the three value drivers of integration; optimization and information should be considered throughout the whole GRC IS implementation lifecycle.

show abstract

Section: Prior Research On Grcmentioning

confidence: 99%

The Implementation of Governance, Risk, and Compliance IS: Adoption Lifecycle and Enterprise Value

Spanaki

Papazafeiropoulou

2016

Information Systems Management

View full text Add to dashboard Cite

show abstract

“…This research focuses on the GRC in the environmental management area. The last paper of the GRC special issue closes with a modelling approach of risks and a process for the assessment of IT risks (Strecker et al 2011).…”

Section: The Grc Concept and Frameworkmentioning

confidence: 99%

Understanding governance, risk and compliance information systems (GRC IS): The experts view

Papazafeiropoulou

Spanaki

2015

Inf Syst Front

View full text Add to dashboard Cite

Although Governance, Risk and Compliance (GRC) is an emerging field of study within the information systems (IS) academic community, the concept behind the acronym has to still be demystified and further investigated. The study investigates GRC systems in depth by (a) reviewing the literature on existing GRC studies, and (b) presenting a field study on views about GRC application by professional experts. The aim of this exploratory study is to understand the aspects and the nature of the GRC system following an enterprise systems approach. The result of this study is a framework of particular GRC characteristics that need to be taken into consideration when these systems are put in place. This framework includes specific areas such as: goals and objectives, purpose of the system, key stakeholders, methodology and requirements prior to implementation, critical success factors and problems/barriers. Further discussion about the issues, the concerns and the diverse views on GRC would assist in developing an agenda for the future research on the GRC field.

show abstract

“…5, are based on the MEMO approach. Thus the present models are illustrated presuming modelling languages and notation of the MEMO language family, for instance, for strategic, organisational, and IT landscape modelling [11,14] as well as specific extensions like for risk or indicator modelling [27,28]. It is, however, important to note that shown diagrams and meta models are not intended to predetermine a specific enterprise modelling approach; instead, they serve as an illustration of principle application and design decisions in context of enterprise model-based ITSM.…”

Section: Outline Of Em-based It Service Managementmentioning

confidence: 99%

Towards a Method for IT Service Management

Kattenstroth

Heise

2011

Lecture Notes in Business Information Processing

Self Cite

View full text Add to dashboard Cite

Abstract. To cope with the challenges in IT service management, methods are required that purposefully reduce the complexity inherent to enterprises -with regard to both business and IT -, facilitate communication among groups of stakeholders and support the management of IT services along their life cycle. In this paper we investigate the potentials of an enterprise modelling approach to IT service management and reflect upon design alternatives for corresponding modelling constructs. We present research in progress that is intended as foundation for discussion with and discursive evaluation by peers and domain experts.

show abstract

RiskM: A multi-perspective modeling method for IT risk assessment

Cited by 50 publications

References 31 publications

The Implementation of Governance, Risk, and Compliance IS: Adoption Lifecycle and Enterprise Value

The Implementation of Governance, Risk, and Compliance IS: Adoption Lifecycle and Enterprise Value

Understanding governance, risk and compliance information systems (GRC IS): The experts view

Towards a Method for IT Service Management

Contact Info

Product

Resources

About