This paper reports a study of the key factors that affect ICT risk management using Thai businesses as the data sources. Three hundred and two respondents from listed organisations on the Stock Exchange of Thailand (SET) were surveyed and the data analysed to establish the strength of relationships in a model derived from extant literature and the application of the two most commonly used gover...

Few pieces of legislation have affected so much so quickly and profoundly as the SarbaneseOxley (often abbreviated ‘‘SoX’’) Act of 2003. Triggered by accounting scandals such as Enron’s several years ago, SoX has many provisions, some of the most important of which require management of publicly traded companies to establish and maintain ‘‘an adequate internal control structure and procedures f...

Up to now, there is little academic support for the challenges of IT management. As a reaction, various best practice frameworks were developed, which can be subsumed under the topic IT governance. These still have no sound basis or scientific foundation. To undertake a step in this direction we present a metamodel of COBIT, the popular IT governance framework. A major goal of this paper is to ...

Dinas Komunikasi dan Informatika merupakan sebuah instansi pemerintah yang berada pada Provinsi Sumatera Utara. Teknologi dapat dikatakan menjadi kunci untuk mendukung meningkatkan manajemen perusahaan. Perusahaan telah memiliki sistem informasi presensi berfungsi merekam bukti dilakukan oleh pegawai saat masuk bekerja. Tujuan dari pengukuran tingkat kematangan yaitu mendapatkan gambaran agar m...

A shared view on the definition of IT governance is lacking and practitioners do not use present IT governance frameworks to support their decision-making. A commonly agreed upon definition of IT governance would be very useful and would serve the development and refinement of IT governance frameworks and assessment methodologies. This article presents an Architecture Theory Diagram, ATD, and a...

Teknologi Informasi atau biasa disebut TI merupakan hal terpenting bagi kemajuan perusahaan, semakin berkembangkan maka harus dilakukan tata kelola yang baik sesuai dengan standart ada dan dievaluasi terus menerus. Salah satu cara untuk mengevaluasi yaitu dilakukanya audit teknologi informasi. framework sering digunakan melakukan adalah COBIT. Tujuan dari penelitian ini mengetahui perbandingan ...

Organizational security involves assuring data confidentiality, integrity and availability. These security principles have been captured by standards like ISO 17799 [1] which provides guidelines in the format of objectives to be achieved and controls to be implemented. Each organization interprets and selects applicable controls according to their culture, infrastructure and business to define ...

Organisations are under constant pressure from governments and industry to implement risk management methods. There are various information security risk management methods available that organisations can implement, and each has different approaches to identifying, measuring, controlling and monitoring the information security risks. Organisations find it difficult to select an information sec...

Decision support systems (DSS) can be helpful tools in university's planning and management. Decision support systems can contribute to efficient exchange of information between experts, stakeholders, decision makers and laypeople. However , intelligent Information technology (IT) governance decision support system for public universities is yet to be thoroughly investigated. This is because IT...