Abstract—The increasing demand of the protection of an
enterprise information system has become one of the major
priority and commitment of the executive committee and the
board of directors. Risk management aligned with IT resources
consists of a strong result which is called Information Security
Governance (ISG) or the 4th wave. This article will present a
multi-agent system which automates the ISG process on the
behalf of the top management. The originality consists on using
multi-agents systems including the 4th wave which has never
been done before in other scientific works. It would result on
the assessment of a new model merging the development of
ISG, compliance and risk management in one framework
which demonstrates the pivotal role of handling security risks
in a company. In this context, we must address security with
highly precautions; we should not only focus on the technical
problems of security but also to their decisional part which
involves the board and top management. Following the PDCA
approach, we will demonstrate how our model can use
international standards and methods to support organization’s
information systems.
Index Terms—4th wave, information security governance,
multi-agents systems, plan do check act.
The authors are with the National School of Electricity and Mechanics ,
Hassan II University and Permanent Professor at the International
University of Casablanca, Casablanca, Morocco (e-mail:
hajar.iguer@gmail.com, hmedromi@yahoo.fr, sayouti@gmail.com).
[PDF]
Cite:Hajar Iguer, Hicham Medromi, and Adil Sayouti, "The Impact of the 4th Wave on the Governance of Information Systems: IT Risk Architecture- EAS –SGRBased on Multi-Agents Systems," International Journal of Computer Theory and Engineering vol. 6, no. 5, pp. 432-437, 2014.