Aspectos do gerenciamento de riscos de tecnologia da informação nas empresas: um estudo de caso múltiplos

The information technology - IT- benefits have been more perceived during the last decades. Both IT and business managers are dealing with subjects like governance, IT-Business alignment, information security and others on their top priorities. Talking about governance, specifically, managers are facing it with a technical approach, that gives emphasis on protection against invasions, antivirus systems, access controls and others technical issues. The IT risk management, commonly, is faced under this approach, that means, has its importance reduced and delegated to IT Departments. On the last two decades, a new IT risk management perspective raised, bringing an holistic view of IT risk to the organization. According to this new perspective, the strategies formulation process should take into account the IT risks. With the growing of IT dependence on most of organizations, the necessity of a better comprehension about the subject becomes more clear. This work shows a study in three public organizations of the Pernambuco State that investigates how those organizations manage their IT risks. Structured interviews were made with IT managers, and later, analyzed and compared with conceptual categories found in the literature. The results shows that the IT risks culture and IT governance are weakly understood and implemented on those organizations, where there are not such an IT risk methodology formally defined, neither executed. In addition, most of practices suggested in the literature were found, even without an alignment with an IT risks management process

Saída compulsória do estrangeiro do território nacional à luz dos direitos humanos: análise de casos

This paper aims to review traditional concepts inherent to the general theory of the state and human rights, relating to the legal situation of foreign, understood as the subject of rights, especially when the is case of compulsory legal imposition of exit from national territory. After the serious violations during the Second World War and the importance acquired by the International Law of Human Rights, values as dignity, justice and equality are enshrined in the legal system and its respect required beyond the boundaries of any country. The creation of an international community, which is governed by rules that its members are subordinated, without distinction, as well as state - based on volunteerism, become inspired by one principled nature of these new concepts required of Global Society, as well as the adoption, influenced by neoconstitutionalism, to the model of State Constitutional rule of law, are opposed to the idea of state sovereignty connected to a superiority, absolute and unlimited power which recognizes no other above it, not even the basic principles or axioms that must govern the relationships internally. So looks for a concept of state that includes all the requirements of a democratic society, that have the people as the power holder, understanding that state element has undergone a relativization, because had to adapt to the contemporary values applicable to the individual, inserting in its concept, the indispensable obligation to protect the inalienable rights of citizens, regardless of with whom he have legal and political bond of nationality. It happens that, to consecrate these privileges to individuals, which, because they contain reference to values with supranational characteristics, are very abstract and are in constant collision course with internal rules, making it difficult to reconcile, it will use hermeneutics of human rights, due mainly to international courts, correlated with constitutional exegesis, in particular, legal principiologia, using, among others, the principles of reasonableness and proportionality, the systematic interpretation of the Constitution and international legal standards. Thus, it seek to enshrine the common foundation of all law , the link between the systems, namely, the dignity of human beings. Finally, it will see if Brazilian jurisdiction, through case studies, is tuned in line with these new paradigms, and in line with the International Bill of Human Rights, the Federal Constitution, the values and principles she hired

Criação de empresas à luz do modelo de decisão effectuation: um estudo com mulheres empreendedoras no município de Currais Novos/RN

This study analysed the creation of businesses by entrepreneur women in the Currais Novos city, looking for verifying if they used making decision processes aligned to the Effectuation logic throughout the creation of their companies. To this, was accomplished a multiple cases and exploratory study, whit a qualitative approach of analyse, using the thematic life history technique that match accounts and semi-structured interview route, being accomplished like a long interview, where the researcher interact with the informer continuously. The semi-structured interview route was created by the adaptation of the interview route used by Tasic (2007). The present study appealed to a intentional selection of individuals in function of their importance in relation to the boarded theme. This means that the individuals were chosen in function of their social and theoretical representatively inside the considered situation. The participant individuals of this research were five entrepreneur women that act in the Currais Novos city, owners of five different companies. To the data treatment and analyse, was chosen the content analyse technique. This study worked with a priori theoretical categories. The categories of analyse in this study was obtained with base in the Effectuation approach (SARASVATHY, 2001a, 2001b, 2008), that is an alternative model of making decision to the classic model based in the causality principle. These categories are Clarity of Initial Aims , Tolerance to the Lost and Initials Investments , Control of Resources ( who I am , what I know and who I know ) and Promoting Over Contingencies . As result, the entrepreneur women researched, in a general way, hadn t clear initial aims at the companies creation moment, hadn t aversion to the risk to lose the time and the money that they were investing in the company in formation, they highlighted the products and services identity that offered with a strong link with Seridó region, they had experience in the field of activity in which they decided to open their companies, had the commitment of partners in the beginning of the business and they knew to transform the initial difficulties in opportunities. By the end, this study conclude that the entrepreneur women studied used, in a big part, making decision processes aligned to the Effectuation logic throughout the creation of their companies

Alinhamento estratégico da TI: o caso da UFRN

It is considered that the Strategic Alignment IT is the first step within the IT Governance process for any institution. Taking as initial point the recognition that the governance corporate has an overall view of the organizations, the IT Governance takes place as a sub-set responsible for the implementation of the organization strategies in what concerns the provision of the necessary tools for the achievement of the goals set in the Institutional Development Plan. In order to do so, COBIT specifies that such Governance shall be built on the following principles: Strategic Alignment, Value Delivery, Risk Management, Performance Measurement. This paper aims at the Strategic Alignment, considered by the authors as the foundation for the development of the entire IT Governance core. By deepening the technical knowledge of the management system development, UFRN has made a decisive step towards the technical empowerment needed to the “Value Delivery”, yet, by perusing the primarily set processes to the “Strategic Alignment”, gaps that limited the IT strategic view in the implementation of the organizational goals were found. In the qualitative study that used documentary research with content analysis and interviews with the strategic and tactical managers, the view on the role of SINFO – Superintendência de Informática was mapped. The documentary research was done on public documents present on the institutional site and on TCU – Tribunal de Contas da União – documents that map the IT Governance profiles on the federal public service as a whole. As a means to obtain the documentary research results equalization, questionnaires/interviews and iGovTI indexes, quantitative tools to the standardization of the results were used, always bearing in mind the usage of the same scale elements present in the TCU analysis. This being said, similarly to what the TCU study through the IGovTI index provides, this paper advocates a particular index to the study area – SA (Strategic Alignment), calculated from the representative variables of the COBIT 4.1 domains and having the representative variables of the Strategic Alignment primary process as components. As a result, an intermediate index among the values in two adjacent surveys done by TCU in the years of 2010 and 2012 was found, which reflects the attitude and view of managers towards the IT governance: still linked to Data Processing in which a department performs its tasks according to the demand of the various departments or sectors, although there is a commission that discusses the issues related to infrastructure acquisition and systems development. With an Operational view rather than Strategic/Managerial and low attachment to the tools consecrated by the market, several processes are not contemplated in the framework COBIT defined set; this is mainly due to the inexistence of a formal strategic plan for IT; hence, the partial congruency between the organization goals and the IT goals.

Proposta de modelo de gestão de riscos para uma IFES visando a realização de auditoria baseada em riscos

Organizations are susceptible to the occurrence of many events that may affect the achievement of their objectives. As a result, Brazilian Public Administration supervisory bodies have required institutions to adopt risk management policies. Given the large number of recommendations issued by Federal Audit Court (TCU) to various Federal Institutions of Higher Education (IFES) in this area, it is proposed a risk management model for Universidade Federal do Rio Grande do Norte (UFRN). This is an applied, exploratory and qualitative study. Regarding to technical procedures, it is characterized as documentary analysis, bibliographical research, case study and action research. The bibliographical research was used to support the elaboration of the Risk Management Guide for Federal Institutions of Higher Education (GERIFES). The documentary analysis, in turn, was used with the aim of knowing the organizational structure and the university´s macroprocesses. The author works in the university internal auditing department and shares the same problem. This characterizes the work as an action research. The case study supported both the elaboration of the guide and the simulation of the specific functionality for the university information system, demonstrated through the User Manual Module "Risk Management" proposed for the Integrated System of Property, Administration and Contracts (SIPAC). This manual has been prepared in order to facilitate the use of this tool if it will be incorporated into the university information system. As research results, a risk management model for UFRN was elaborated and a simulation of an informational tool, which is able to manage risks related to events that may affect the achievement of institutional objectives, was provided to the university administration.