CAUSES OF INEFFECTIVE IMPLEMENTATION OF IT GOVERNANCE IN RISK MANAGEMENT: A SYSTEMATIC LITERATURE REVIEW

JIKO (Jurnal Informatika dan Komputer) Pub Date : 2023-08-06 DOI:10.33387/jiko.v6i2.6182

Ananda E S Setyadji, Arief R R Putrananda, Daffa H Permadi, Rais I Nustara, Reyhan B Pratama, Tegar A Masyhuda, Eva Hariyanti

{"title":"CAUSES OF INEFFECTIVE IMPLEMENTATION OF IT GOVERNANCE IN RISK MANAGEMENT: A SYSTEMATIC LITERATURE REVIEW","authors":"Ananda E S Setyadji, Arief R R Putrananda, Daffa H Permadi, Rais I Nustara, Reyhan B Pratama, Tegar A Masyhuda, Eva Hariyanti","doi":"10.33387/jiko.v6i2.6182","DOIUrl":null,"url":null,"abstract":"Information Technology Governance is currently widely implemented in companies. One of the domains that can be of concern is risk management. The application of TKTI in this domain can help companies identify, evaluate, reduce, and manage risks related to their business to achieve company goals better. In this case, three frameworks can be considered, including NIST, ISO 27001, and Octave, but implementing these frameworks only sometimes goes as planned. This study aims to identify the factors that cause the ineffectiveness of implementing Information Technology Governance (ITG) in the risk management domain using the NIST, ISO 27001, and Octave frameworks. Through an analysis of existing literature and data processing, this study found that factors such as lack of understanding of the framework, lack of adequate resources, and implementation challenges play an essential role in ineffectiveness. This study concludes by providing valuable insights for organizations seeking to strengthen their risk management capabilities.","PeriodicalId":243297,"journal":{"name":"JIKO (Jurnal Informatika dan Komputer)","volume":"95 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-08-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"JIKO (Jurnal Informatika dan Komputer)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.33387/jiko.v6i2.6182","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Information Technology Governance is currently widely implemented in companies. One of the domains that can be of concern is risk management. The application of TKTI in this domain can help companies identify, evaluate, reduce, and manage risks related to their business to achieve company goals better. In this case, three frameworks can be considered, including NIST, ISO 27001, and Octave, but implementing these frameworks only sometimes goes as planned. This study aims to identify the factors that cause the ineffectiveness of implementing Information Technology Governance (ITG) in the risk management domain using the NIST, ISO 27001, and Octave frameworks. Through an analysis of existing literature and data processing, this study found that factors such as lack of understanding of the framework, lack of adequate resources, and implementation challenges play an essential role in ineffectiveness. This study concludes by providing valuable insights for organizations seeking to strengthen their risk management capabilities.

查看原文本刊更多论文

风险管理中信息技术治理实施无效的原因:系统的文献综述

信息技术治理目前在企业中得到了广泛的实施。其中一个值得关注的领域是风险管理。TKTI在该领域的应用可以帮助公司识别、评估、减少和管理与其业务相关的风险，从而更好地实现公司目标。在这种情况下，可以考虑三个框架，包括NIST、ISO 27001和Octave，但是实现这些框架只是有时按计划进行。本研究旨在确定使用NIST、ISO 27001和Octave框架在风险管理领域实施信息技术治理(ITG)无效的因素。通过对现有文献的分析和数据处理，本研究发现，缺乏对框架的理解、缺乏足够的资源和实施挑战等因素在无效中起着至关重要的作用。本研究的结论是为寻求加强其风险管理能力的组织提供有价值的见解。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

JIKO (Jurnal Informatika dan Komputer)

自引率

0.00%

发文量