7/25/2019 RISK ASSESSMENT OF IT GOVERNANCE: A SYSTEMATIC LITERATURE REVIEW

1/10

184

,

,

F C I , P M, 43400 PM,, , M.

E: @.. 4@., @... ,@..

R (RA) I . B, I IC . I . I , I I . M I I L R (LR). B , . B , , , , I . I, RA .

, , .

1.

R . R . A 1 : , . O .

R A (RA)

2. RA ; , ,, , . I , I , .H, I I , , 3. I , I

.

I . I . IC . , I 4. I , I G ,

I I .I . I I I 5. , I .

A 6, I G G.L , I

7/25/2019 RISK ASSESSMENT OF IT GOVERNANCE: A SYSTEMATIC LITERATURE REVIEW

2/10

185

.. ,

I G . I G I . B I , . IG I .

, I G (

) 7. 6 I I, . R . F , , , I .E

, , . RA . M RA I .

H, , , R A

. , RA , . F RA 2005 2014 , , , . : 2 L R(LR). 3 RA. F,

.

2.

L R(LR) 8. I . LR . I ,

9. F 1.

1

, .

. . . F, .

A . I . C,

. I . LR 8. :

Q 1: I?

Q 2: , I ?

A . D

,

7/25/2019 RISK ASSESSMENT OF IT GOVERNANCE: A SYSTEMATIC LITERATURE REVIEW

3/10

186

/

1

, ,

,

.

(20052014)

E.

.

.

2.1

LR 8. R ,, . LR

8. I LR , . I , LR. J. 2005 M.2014. I.

2.2

(2) . 10 . I , , . F .

2

EEE

AC D

D

. ( 3

4).

EEE E (E)

E E (EE)

EEE (EEE )

E

E (EE)

()

()

E (E)

C E

E (EE)

C E

(CE)

EEE/AC C A E (AE)

E C(E)

AC D E

(DE)

2.3

. F , . A . .

B :

7/25/2019 RISK ASSESSMENT OF IT GOVERNANCE: A SYSTEMATIC LITERATURE REVIEW

4/10

187

B LR, ; . I .

3.

A 32 I . C . . F 2 32 , 85% ,12% , (3%) , .

2

O 27 , 4 .F 3 .

2005 2014. F. 4 2005 .

3.1

B ,

R I . I (RQ1); I (RQ2). 19 RQ1 5. A I I .R I 11.

7/25/2019 RISK ASSESSMENT OF IT GOVERNANCE: A SYSTEMATIC LITERATURE REVIEW

5/10

188

I

. I I I 5. , I . I I , I , , I . R . RA

I 2. RA

2 , ,, , . 2 , , , , . 12 .

R , ,

13. I, I .

3 C O I (COBI) IO/IEC 17799 I I G.

I

I . I I , , . I ,I .

H,

. , . , , 14.

.

3.2

A 22 RQ2. R I . ( 6) 26, 18,27, 3, 23. 15 COBI IG : , , ,

, . I COBI 5.0 , 25.

18 IG I . I , COBI IIL, .

.

13), 6, 11,

5, 2 12

6

.

15, 16, 13,

17, 18,19.

6

A

.

20, 21, 22,

23, 24, 25

3.

7

7/25/2019 RISK ASSESSMENT OF IT GOVERNANCE: A SYSTEMATIC LITERATURE REVIEW

6/10

189

3 I

C O I (COBI) IO/IEC 17799 I . I IIL COBI IO 17999 I 3.

27 IG COBI

IIL . COBI IIL COBI IIL , 27.

28 COBI . COBI I 28.

23 COBI I I .I , , , .

3.3

/

I (I)

.

, . , . , , / I. I 7.

5 (I) . :

M, P A, E MC D M , . I BM . .

38 (RAM) . ,

. . . RAM ( ). 39 (RAIEM) . RAIEM , , , . 40 G R A M(GPRA) ().

. GPRA .GPRA . 41 . . .42 Q R

CB

29, 13, 30,31, 21, 32.

6

27002( 17799)

33, 34, 35,3637, 38, 21

39.

8

6, 26, 18. 3,27, 28, 23, 29

8

7/25/2019 RISK ASSESSMENT OF IT GOVERNANCE: A SYSTEMATIC LITERATURE REVIEW

7/10

190

A M P M

Q R, R F,P R R . CMMI . .

43 K , , MB (ME). ME.

; ; ; ; / .44 F . . F A . , , , ,, .45 F ECOM I

. . , P R, CA E E.46 (AOIRAM) I. , , , , . .

IO 27001 I , .

.

I . , , RA I . R

I 11, 2.

I I L (IIL) IC, COBI IO 17999 IC . F RA I . , , . A , ,

R I .

F C &I , PM .

1 I., E, 9E; A P, (A),M 2123, 2011.

2 A. M. K, , , . 47, N. 11, 2005, . 7377.

3 .K,B.C.P, IC RM O: C B, 1 ,

.513522.4 R. NH, IC Q

M F C M , , F 2013, M, J,M, 2013, . 1343.

5 L. L H. D, M R A C O, (), M 2011, .13.

7/25/2019 RISK ASSESSMENT OF IT GOVERNANCE: A SYSTEMATIC LITERATURE REVIEW

8/10

191

6 IGI,B B I G,

I G I, R ://.., 2010, . 120.7 P. J. . R, I G

O P, , J2005, . 1349.

8 B.A. K, P P R,

. D C K (K) E E, N ICA.. 4, N. 2, 2005, . 4556.

9 P. B, B. A. K, D. B,M. , M. K, L

A L RP ED, C M K K,, 5 5BGK. 80, N. 3, 2007, . 571583.

10. D, P. L, A. ,K A D: A LR, I

, ,.151.

11

P. R.B, R ,

B F, N 2006.

12M. A. M, J.F. AB,P , , . 3, N. 2, 2010, . 111.

13G. H. B, I G, , . 18, N.3, M 2008, . 2732

14R. MA A. G, ER P OI: A M

P, & , . 105, N. 3, 2005, . 114.

15A.R. R, A R M AIRMIC, ALARM, IRM, ,F2005, .139.

16P.C,I G P I CIO; PCI L,J 2007.

17D., R IF, ,M 2009, . 234343.

18E. J.L ., I G: P,

, P, A,

. 1, N. 2, 20 2006, . 114.19

G. , A.G, A. F,R M G I ,

. F 2002, . 434470.

20L. J B. J, I R A GAO P LO, , M 2009, .112.

21E. J, L, B I . , E: J &

L, M 2005.22L , R M, , . 5, N. 2,2005, . 115.

23M. G, R M IG F, BA E , R.. 14, N. 3, 2011, . 545552.

24R. B, R M F;R M DM, , . 1, N 3 2011,.131.

25R. O, E I G L D, RI COBI IACA J . 5, N. 4,2012, . 1021.

26. D. J, "A I GM: C M, ". , M L, F 2123, 2013, . 626632.

IACA, 2013.I COBI 5 GF". IACA.. ,. 5, N. 4, 2013, . 110.

28J. .L, 2010. I ,

& ,. 11,N.5, J, . 3340.

29. B. , I : COBI IO 17799 ?, &,E A P, M 1011, 2005 . 110.

30G. I. DB, R I A M: A Q A E P. , F 89, 2007 . 1021.

7/25/2019 RISK ASSESSMENT OF IT GOVERNANCE: A SYSTEMATIC LITERATURE REVIEW

9/10

192

31G. R., I

M B P B IO/IEC 17799', ,. 39, N. 4, J 2005, . 6066.

32K. B I.., A IO 17799 . C & , .25, N.6, 2006, . 413419

D.M D. G. R, AO C I C I,J ,F 2123, 2007, . 234241.

34 J. E M.E, I

MA N P, , F 2123,2003, . 130136.

35. G, H C, ,. 37, N. 3, M 2003, . 3440.

36M., .K, K, M. E. K, IO17799, & , . 24,N. 6, M2005, . 472484.

37N.R, I , , . 6, N.3, A 2005, .4549.

38F. A.M, R A M; N ,

, M 2123, 2005, . 536544.

39B., D. .K . C, AN M R M. & ,. 3, N.3, 2012,. 953956.

40A. A . . H, P

R A M O E , I

(), . 9, N 6,2009, .27928541. P J., A RA

M C A I D I & , M ,B, , . 5,N. 3, 2010, . 352359

42M. C., A RA M O

CMMI Q A; F

I C M B,, ,F 1011, 2010, 331337

43. L. C, A KB RA F EE A OP, , . 21, N.2 2005, . 207217

44G., . C, B.H A F.O, A F R A M H I

I; E E , , . 39,N.7,2011 .12111218.

45E.M, L. F. C H. D, P R A E C M COCOMO C F & , .3, N.1,2013, . 113132.

46M. M, AO I RA M I

M D, C, . 3, N.4, 2010, . 218226,

7/25/2019 RISK ASSESSMENT OF IT GOVERNANCE: A SYSTEMATIC LITERATURE REVIEW

10/10

193

/

5 ,

A,

E & C

D

, .

.

(A)

38 , &

.

(AE)

39 ,

.

.

A

(A)

40

, &

A

/

41

E/C,

C ,

,, C &

A

A

42 , F,

&

C

.

A

43 ;;

;

;

/

.

A F

44 , ,

, , A,F &

D

F A

C

&

A F EC

45 , ,

C A &E E

A

(AA)

46 ,

,

, ,

& .