TY  - JOUR
AU  - Amraoui, Soumaya 
AU  - Elmaallam, Mina 
AU  - Bensaid, Hicham 
PY  - 2019
TI  - An Algorithm To Determine The Maturity Improvement Plan For Information System Risk Management. Application On A Case Study
JF  - Journal of Computer Science
VL  - 15
IS  - 8
DO  - 10.3844/jcssp.2019.1050.1064
UR  - https://thescipub.com/abstract/jcssp.2019.1050.1064
AB  - A good and relevant Risk Management process is a key issue when Information System effective governance is concerned. Therefore, several paradigms have been devised to help achieving such goal. Among these paradigms, maturity models are quite popular. The main aim of a maturity model is to help users improve their activities capability. However, one of the major challenges encountered when using these models is the definition of the improvement plan after the evaluation. This challenge is all the stronger and costly when it comes to an activity whose elements or phases have an important interdependence such as IS risk management. In this article, we propose an algorithm called “Path Prerequisites” to help users define a graduate improvement plan, easily and efficiently, from a given maturity level to a target one, while handling criteria dependencies constraints. The algorithm is based on an acyclic graph representation of the control objectives and the dependencies among them and it corresponds to a guided (backwards) traversal of the graph. We assess the algorithm by applying it to a study case.