E-Business and Information Security Risk Management

2011 ◽  
pp. 596-614 ◽  
Author(s):  
Stefan Fenz
Keyword(s):  
Information Technology ◽  
Risk Management ◽  
Information Security ◽  
Everyday Life ◽  
Failure Probability ◽  
Security Risk ◽  
Research Directions ◽  
Information Security Risk ◽  
Almost All ◽  
Security Risk Management

For almost all private individuals and especially organizations, information technology (IT) including hardware, software, and data is an irreplaceable part of their everyday life/business. Thus, IT has to be protected in an adequate way to ensure that it delivers the expected services. Information security risk management (ISRM) helps to holistically protect the IT and to minimize their failure probability at reasonable costs. This chapter shows why ISRM is important for e-businesses, gives a brief overview about the ISRM history, describes current problems in ISRM, and presents novel ISRM methods as potential solutions to the stated problems. The chapter closes with an outlook on future ISRM research directions.

scholarly journals University Information System Security Risk Assessment using NIST 800-30

2019 ◽  
Vol 8 (3) ◽  
pp. 8380-8385
Keyword(s):  
Risk Assessment ◽  
Information Technology ◽  
Information System ◽  
Risk Management ◽  
Security Risk ◽  
Good Information ◽  
Business Goals ◽  
Information Security Risk ◽  
Security Risk Assessment ◽  
Security Risk Management

A good and fast information system is supported by good information technology. To achieve its business goals, optimal and integrated information technology will support good quality services. The XYZ University Information System (UIS) provides a variety of information needed by students, lecturers, and all staff. But the system that is running is still experiencing problems in its use that can pose various risks. To prevent that, a risk assessment is carried out on the UIS to identify various possible risks and prevent them by forming a risk management. This research will be conducted using NIST 800-30. This standard is used with the aim of anticipating risks so that the organization does not experience losses. The preparation of UIS information security risk management carried out in this study has succeeded in identifying 32 risk scenarios, prioritizing risks, providing direction in managing risks and accepting processes whether risks are acceptable or should be mitigated.

Information Technology Development Risks in the Banking Sector

2020 ◽  
Vol 14 (3) ◽  
pp. 44-53
Author(s):  
N. E. Sokolinskaya ◽  
L. M. Kupriyanova
Keyword(s):  
Information Technology ◽  
Customer Service ◽  
Banking Sector ◽  
Technology Development ◽  
Banking System ◽  
Security Risk ◽  
On Line ◽  
Information Technology Development ◽  
Development Risks ◽  
Security Risk Management

The relevance of the article is because in parallel with the processes of introduction of innovations in the field of automation and computerization of the banking system, the number of types of banking risks associated with innovations in the field of on-line customer service and internal Bank reporting, as well as information systems. As a result of this article, we have studied the latest legislative acts of the Central Bank of Russia as a mega-regulator and summarized the practice of both individual credit institutions and the banking sector in the field of information technology development risks in the banking sector. To strengthen the development of new financial technologies in the digital economy, it is necessary to regularly discuss the emergence of new phenomena and innovations; to consider the possibility of further analysis of existing methodological developments to exchange best practices of banks. Building an effective it security risk management system is not a one-time project. Still, a complex process is important, focused on minimizing external and internal threats and taking into account the limitations on resources and time factor

Sign in / Sign up

Export Citation Format

Share Document