Detalhes bibliográficos
| Ano de defesa: |
2018 |
| Autor(a) principal: |
Pontes, Roberta Pinto Coelho Maciel
 |
| Orientador(a): |
Souza Neto, João
|
| Banca de defesa: |
Não Informado pela instituição |
| Tipo de documento: |
Dissertação
|
| Tipo de acesso: |
Acesso aberto |
| Idioma: |
por |
| Instituição de defesa: |
Universidade Católica de Brasília
|
| Programa de Pós-Graduação: |
Programa Stricto Sensu em Gestão do Conhecimento e da Tecnologia da Informação
|
| Departamento: |
Escola de Educação, Tecnologia e Comunicação
|
| País: |
Brasil
|
| Palavras-chave em Português: |
|
| Palavras-chave em Inglês: |
|
| Área do conhecimento CNPq: |
|
| Resumo em Inglês: |
The objective of this scientific research was to evaluate the strategic risks associated to IT Governance processes, using a specific method through which it was possible to measure the capability of these processes and to identify the associated risks, in an integrated way. The COBIT 5 PAM method was chosen to evaluate the processes and the scenario analysis tool was used to identify the risks. The method application was done in an institution and the processes selected for evaluation were the strategic level provided in COBIT 5, which composes the EMD domain. The risk identification was based on scenario analysis, using the results fixed in the PAM for capacity level 1 (in which the process is expected to fulfill its purpose) as an ideal scenario and as the actual scenario presented in the process evaluation. Aftering identified risks, they were submitted to a manager’s forum to be validated and prioritized. The result shows that the risk assessment method was efficient, as the risks were recognized by the managers. Also identified were the processes that need to be increased to mitigate the risks considered relevant were also identified. The direct association between processes, already evaluated in their capacities, and the resulting risks, already prioritized, allowed this simultaneous analysis. |
| Link de acesso: |
https://bdtd.ucb.br:8443/jspui/handle/tede/2510
|
Resumo: |
The objective of this scientific research was to evaluate the strategic risks associated to IT Governance processes, using a specific method through which it was possible to measure the capability of these processes and to identify the associated risks, in an integrated way. The COBIT 5 PAM method was chosen to evaluate the processes and the scenario analysis tool was used to identify the risks. The method application was done in an institution and the processes selected for evaluation were the strategic level provided in COBIT 5, which composes the EMD domain. The risk identification was based on scenario analysis, using the results fixed in the PAM for capacity level 1 (in which the process is expected to fulfill its purpose) as an ideal scenario and as the actual scenario presented in the process evaluation. Aftering identified risks, they were submitted to a manager’s forum to be validated and prioritized. The result shows that the risk assessment method was efficient, as the risks were recognized by the managers. Also identified were the processes that need to be increased to mitigate the risks considered relevant were also identified. The direct association between processes, already evaluated in their capacities, and the resulting risks, already prioritized, allowed this simultaneous analysis. |
