- Home
- →
- Producció científica
- →
- Articles
- →
- Ciències Matemàtiques i Informàtica
- →
- View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Barafort, B. | |
| dc.contributor.author | Mesquida, A.L. | |
| dc.contributor.author | Mas, A. | |
| dc.date.accessioned | 2025-05-27T11:31:35Z | |
| dc.identifier.citation | Barafort, B., Mesquida, A.L. i Mas, A. (2018). ISO 31000‐based integrated risk management process assessment model for IT organizations. Journal Of Software-Evolution And Process. https://doi.org/10.1002/smr.1984 | ca |
| dc.identifier.uri | http://hdl.handle.net/11201/170322 | |
| dc.description.abstract | [eng] Governance, Risk management, and Compliance activities are key challenges faced by organizations. Process Models and Capability Process Assessments are governance instruments that can help organization in assessing and improving their processes. Several ISO standards propose process models for Management System Standards based on ISO 9001, ISO/IEC 20000‐1, and ISO/IEC 27001, and for project management with ISO 21500. The ISO 31000 standard provides guidance for Risk management with a process approach and systemic perspective. This paper presents an ISO 31000‐based Integrated Risk Management Process Assessment Model (PAM) for IT organizations enabling to integrate on an easy way several ISO process‐oriented standards which are often targeted by IT organizations. This PAM integrates risk management dimensions with ISO 9001, ISO 21500, ISO/IEC 20000‐1, and ISO/IEC 27001. It offers a centralized and integrated risk management approach which provides the basis to improve, coordinate, and interoperate risk management activities. | en |
| dc.format | application/pdf | en |
| dc.publisher | Wiley | |
| dc.relation.ispartof | Journal Of Software-Evolution And Process, 2018 | |
| dc.rights | all rights reserved | |
| dc.subject.classification | 004 - Informàtica | ca |
| dc.subject.other | 004 - Computer Science and Technology. Computing. Data processing | en |
| dc.title | ISO 31000‐based integrated risk management process assessment model for IT organizations | en |
| dc.type | info:eu-repo/semantics/article | |
| dc.type | info:eu-repo/semantics/publishedVersion | |
| dc.type | Article | |
| dc.date.updated | 2025-05-27T11:31:36Z | |
| dc.date.embargoEndDate | info:eu-repo/date/embargoEnd/2100-01-01 | |
| dc.embargo | 2100-01-01 | |
| dc.subject.keywords | ISO 31000 | en |
| dc.subject.keywords | Integrated risk management | en |
| dc.subject.keywords | Process Assessment Model (PAM) | en |
| dc.subject.keywords | IT organizations | en |
| dc.rights.accessRights | info:eu-repo/semantics/closedAccess | |
| dc.identifier.doi | https://doi.org/10.1002/smr.1984 |
Files in this item
