Diogo Proença

A maturity model for information governance

Information Governance (IG) as defined by Gartner is the “specification of decision rights and an accountability framework to encourage desirable behavior in the valuation, creation, storage, use, archival and deletion of information. Includes the processes, roles, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals”. In this paper, we present how to create an IG maturity model based on existing reference documents. The process is based on existing maturity model development methods. These methods allow for a systematic approach to maturity model development backed up by a well-known and proved scientific research method called Design Science Research. Then, based on the maturity model proposed in this paper, an assessment is conducted and the results are presented, this assessment was conducted as a self-assessment in the context of the EC-funded E-ARK project for the seven pilots of the project. The main conclusion from this initial assessment is that there is much room for improvement with most pilots achieving results between maturity level two and three. As future work, the goal is to analyze other references from different domains, such as, records management. These references will enhance, detail and help develop the maturity model making it even more valuable for all types of organization that deal with information governance.

A Pragmatic Risk Assessment Method Supported by the Business Model Canvas

This paper presents a pragmatic risk assessment method based on best practice from the ISO 31000 family of standards regarding risk management. The method proposed is supported by established risk management concepts that can be applied to help a data repository to gain awareness of the risks and costs of the controls for the identified risks. In simple terms the technique that supports this method is a pragmatic risk registry that can be used to identify risks from a Business Model Canvas of an organization. A Business Model Canvas is a model used in strategic management to document existing business models and develop new ones. The risk assessment method is then applied to a Civil Engineering Laboratory to illustrate the benefits of such a method.

Evaluating a process for developing a capability maturity model

Maturity Models have been proven to be powerful tools to assess to current state of an organization regarding a certain aspect and drive improvement. However, maturity models are often developed ad hoc, without following a well-documented design and development method, and often do not provide a pathway to further extend and update the model to foster systematic enhancements and extensions. This paper discusses a systematic approach to maturity model development and applies it to the concrete domain of long-term information management. We trace the steps from problem definition to maturity model evaluation and apply the maturity model to a specific organizational scenario.

Enterprise Architecture: A Maturity Model Based on TOGAF ADM

Ensuring the alignment between IT and business can be a difficult challenge. That is the reason why the Enterprise Architecture domain exists, to provide guidance on how to better align Business and IT. There are several methods in existence that guide an organization in developing its Enterprise Architecture. However, putting these methods in practice can become a huge project. The purpose of this paper is to develop a maturity model for Enterprise Architecture in organizations as a governance instrument to analyze and evaluate the current state of affairs, as well as, identify possible areas for improvement. In this way, maturity models facilitate the evolutionary reengineering of all functions related with the lifecycle of an Enterprise Architecture as they allow benchmarking assessment and roadmap planning to be performed. The development of this maturity model is based on design science research grounded in current literature. By collecting the critical success factors of Enterprise Architecture and evaluating the existent maturity models for this domain the conclusion is that there is no maturity model that fully considers all these critical factors. The maturity model proposed in this paper is evaluated through a multi-step perspective that is used to confirm that the maturity model makes a useful and novel contribution to the enterprise architecture domain by taking in consideration the best practice and critical success factors of the domain.

Methods and techniques for maturity assessment

A Maturity Model is a widely used technique that is proved to be valuable to assess business processes or certain aspects of organizations, as it represents a path towards an increasingly organized and systematic way of doing business. A maturity assessment can be used to measure the current maturity level of a certain aspect of an organization in a meaningful way, enabling stakeholders to clearly identify strengths and improvement points, and accordingly prioritize what to do in order to reach higher maturity levels. However, in order to make that possible, maturity assessments must be performed. Doing that can range from simple self-assessment questionnaires to full blown assessment methods, such as recommended by the ISO15504 or the SEI CMMI. However, a main caveat of these assessments is the resources they encompass, as well as, a lack of actual automation, which many times renders benchmarks not possible. Assuming that the modeling of business domains is becoming a fact with the wide spread of Enterprise Architecture practices, and also considering the recent state of the art on the representation of Enterprise Architecture models using ontologies, this work proposes to follow that trend and innovate by using existing semantic technology to automate maturity models assessment methods.

Using the Business Model Canvas to Support a Risk Assessment Method for Digital Curation

This poster presents a pragmatic risk assessment method based on best practice from the ISO 31000 family of standards regarding risk management. The method proposed is supported by established risk management concepts that can be applied to help a data repository to gain awareness of the risks and costs of the controls for the identified risks. In simple terms the technique that supports this method is a pragmatic risk registry that can be used to identify risks from a Business Model Canvas of an organization. A Business Model Canvas is a model used in strategic management to document existing business models and develop new ones.