A review on risk mitigation of IT governance

Risk Mitigation (RM) is one of the important activities in the risk management of IT governance. In an IT governance project, IT risk mitigation emphasizes taking action early in the project to prevent the occurrence of undesired events or to reduce the consequences of their occurrence. RM is essential in IT governance because it enables an enterprise to achieve new business changes and reduces IT project risks and future investment in IT governance projects. To gain a clear understanding of risk mitigation in the IT governance context, many relevant studies covering different issues and aspects have been reviewed. The purpose of this study is to investigate related RM frameworks, models, processes, stakeholder involvement and other issues using a Systematic Literature Review (SLR) approach. This study presents the results of the systematic literature review on the evidence of RM in IT governance and the issues that need to be addressed in the future. The findings of this review indicate that RM requires appropriate consideration, with its numerous limitations, issues and current implementation systematically reviewed.
