August 2012
·
37 Reads
In this paper, based on the preliminary research results K-PRS-ISMCS and PRS-ISMCS, a variety of risks existed in the process of IT governance are firstly analyzed; then a full-life cycle, multi-layered structure of IT risk governance ITG-HRCM (Hierarchical risk control model) integrated with ERMF and COBIT based on PRS-ISMCS is put forward with the description of the model function; thirdly a kind of improved risk quantization and calculation method is described; finally the work of experimental simulation is done to various risks in the process of IT governance, which proves that ITG-HRCM with its improved risk quantitative calculation method can meet the demand and expectations of information security objectives in IT governance.