Definição de critérios para avaliação de processos de tecnologia da informação (TI) considerando accountability no gerenciamento de riscos: um estudo em instituições financeiras bancárias no Brasil

Abstract

This descriptive study aims at define criteria which are used to evaluate IT processes considering accountability in risk management within the largest bank financial institutions which operate in Brazil. Analyzing established model criteria, spotting performance measurement procedures in light of GTI and investigating risk management evidences, responsibilities, accounting and transparency within Risk Management Reports were the means used for the definition of criteria. Content Analysis Techniques, Lexical Analysis, Descriptive Statistics and Factorial Maps development supported the results corroboration. Content Analysis allowed the criteria frequency to be identified and together with Lexical Analysis permitted the influences among categorical and lexical variables to be verified. Lexical Analysis provided the establishment of influence relations among concepts (risk, strategy, performance, information technology, security, responsibility, accounting and transparency) and categories (evaluation patterns). The results demonstrated that there is a meaningful relation among the analyzed criteria, risk management elements and accountability.