Abstract: Systems and methods for assessing an information security governance of an enterprise are disclosed. The method includes classifying the information security governance into a plurality of sub-information security governances. The method further comprises defining a plurality of governance focus areas and a plurality of governance control dimensions for a sub-information security governance. The method further comprises checking a compliance, by a processor, of the governance practices of users in the sub-information security governances, in the plurality of governance focus areas, and in the plurality of governance control dimensions. The method further comprises assigning weights to the plurality of governance focus areas, to the plurality of governance control dimensions, and to the sub-information security governances. The method further comprises determining a score for sub-information security governance based on the compliance and the weights.

Abstract: Systems and methods for assessing an information security governance of an enterprise are disclosed. The method includes classifying the information security governance into a plurality of sub-information security governances. The method further comprises defining a plurality of governance focus areas and a plurality of governance control dimensions for a sub-information security governance. The method further comprises checking a compliance, by a processor, of the governance practices of users in the sub-information security governances, in the plurality of governance focus areas, and in the plurality of governance control dimensions. The method further comprises assigning weights to the plurality of governance focus areas, to the plurality of governance control dimensions, and to the sub-information security governances. The method further comprises determining a score for sub-information security governance based on the compliance and the weights.

Abstract: Project risk patterns modeling and risk mitigation. The method includes obtaining potential risk factors associated with a project. Further, at least one interacting potential risk factor influencing at least another potential risk factor may be ascertained. The ascertaining is performed based on interaction indicators. The interaction indicators are indicative of an interaction between the at least one interacting potential risk factor and the at least another potential risk factor. Further, a risk emergence pattern is identified based on the interaction between the at least one interacting potential risk factor and the at least another potential risk factor. The risk emergence pattern is indicative of a recurrent interaction between the at least one interacting potential risk factor and the at least another potential risk factor.