| As a core support technology and method for the great-leap-forward development of the enterprise, information technology has become the key tool for enterprises to achieve its strategy and improve its core competitive ability. More and more enterprises have attached importance to obtaining comparatively competitive advantage through informatization. At the same time, the high risk of informatization makes the enterprise's cognition of informatization begin return to rational level from aimlessness and exploration, and considers IT as a sustainable strategy, and drives the enterprises pay attention to integrating information technology and corporate governance.At present, the content and basic framework of informatization governance have been studied at some degree from home and abroad, and its appropriate model and methodology have not been found yet. The governance of informatization based on risk has not deserved its corresponding attention. In China, most of enterprises informatizations have been driven by project and scarce of long-term strategy, the study of risk governance of enterprise informatization still stays at its initial stages.According to the present condition of informatization risks evaluation and control, the paper put forward process-oriented risk governance model of enterprise informatization: the Hierarchy Risk Support Model which mainly focuses on three main elements: Risk Processes Control Model, Risk Analysis Method and Risk Evaluation Model. The Hierarchy Risk Support Model can integrate risk control and enterprise strategy by setting up risk structure of process-based and risk-cored.On the base of enterprise's informatization process, this paper has analyzed the informatization risk governance from many angles of view. According to informatization hierarchy, enterprises' strategy, and the demand of business objective and enterprise risk governance, the informatization risk evaluation mechanism is formed and the Hierarchy Risk Support Model is set up, which makes the risks analysis and control can be always carried out on the basis of sufficient information. By using up to down risk analysis method and down to up risk evaluation, enterprisestrategy, risks and processes have been integrated, and abstract enterprise risk is related to actual enterprise processes, then the view of risk is gradually formed from parts into a whole. Finally, the guideline of risk control can be drawn.By studying the Hierarchy Risk Support Model and refer to existing theories, indexes of enterprise processes is set up, and the risk of enterprise informatization can be evaluated accurately. On the base of processes and integrated evaluation method, risk in all levels can be evaluated: enterprise processes, life cycle phase, risk goal and whole of the enterprise informatization.Through evaluating risk under the hierarchy risk support model, it embodies the advantage and character of process and objective. Through process and result of risk evaluation, informatization risk can be related to enterprise process. The reliable risk level of enterprise informatization can be offered, and informatization risk control guideline can be deduced. Finally, balance between precision and complexity of risk control is achieved.The dissertation also provides an application of HRSM in an actual enterprise informatization. Finally, the paper points out the limits of the model, and describes work plan of the next stage.
|
PDF Full Text Request