The Impact of the 4th Wave on the Governance of Information Systems: IT Risk Architecture- EAS -SGR- Based on Multi-Agents Systems

The increasing demand of the protection of an enterprise information system has become one of the major priority and commitment of the executive committee and the board of directors. Risk management aligned with IT resources consists of a strong result which is called Information Security Governance (ISG) or the 4th wave. This article will present a multi-agent system which automates the ISG process on the behalf of the top management. The originality consists on using multi-agents systems including the 4th wave which has never been done before in other scientific works. It would result on the assessment of a new model merging the development of ISG, compliance and risk management in one framework which demonstrates the pivotal role of handling security risks in a company. In this context, we must address security with highly precautions; we should not only focus on the technical problems of security but also to their decisional part which involves the board and top management. Following the PDCA approach, we will demonstrate how our model can use international standards and methods to support organization’s information systems.