Relevant bibliographies by topics / Information system (IS) risk / Journal articles

Journal articles on the topic 'Information system (IS) risk'

To see the other types of publications on this topic, follow the link: Information system (IS) risk.
Author: Grafiati
Published: 10 December 2022
Last updated: 28 January 2023

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'Information system (IS) risk.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

Zhang, Chang Lun, and Chao Li. "Information Security Risk Assessment on Complex Information System." Advanced Materials Research 765-767 (September 2013): 1481–85. http://dx.doi.org/10.4028/www.scientific.net/amr.765-767.1481.

Full text
Abstract:
Risk assessment is the key and core technologies ensuring IT system security. Based on the comprehensive analysis to complex information systems, this paper first summarizes the typical characters of complex information systems and then gives new risk factors that complex system need to face. Furthermore, a new risk assessment method is proposed to evaluate the complex information systems. The method takes full account of the effect of complexity of complex information systems in each process of risk assessment, and utilizes multi-level risk views to carry out in-depth analysis to the risk of complex system.
APA, Harvard, Vancouver, ISO, and other styles
2

Nikolic, Božo, and Ljiljana Ruzic-Dimitrijevic. "Information System and Risk Reassessment." Issues in Informing Science and Information Technology 7 (2010): 191–207. http://dx.doi.org/10.28945/1200.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Durba, Mounica. "Risk Assessment of Information System." Asia-pacific Journal of Convergent Research Interchange 1, no. 3 (September 30, 2015): 31–41. http://dx.doi.org/10.21742/apjcri.2015.09.03.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

MATSUYAMA, Satoshi, Masahiro INOUE, and Tetsuo SAKAI. "Underground risk management information system." Shigen-to-Sozai 122, no. 10/11 (2006): 528–36. http://dx.doi.org/10.2473/shigentosozai.122.528.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Acree, John A. "Important risk information system (IRIS)." Preventive Veterinary Medicine 16, no. 1 (April 1993): 41. http://dx.doi.org/10.1016/0167-5877(93)90008-h.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Zybin, Serhii, and Yana Bielozorova. "Risk-based Decision-making System for Information Processing Systems." International Journal of Information Technology and Computer Science 13, no. 5 (October 8, 2021): 1–18. http://dx.doi.org/10.5815/ijitcs.2021.05.01.

Full text
Abstract:
The article is dedicated to using the methodology of building a decision support system under threats and risks. This method has been developed by modifying the methods of targeted evaluation of options and is used for constructing a scheme of the decision support system. Decision support systems help to make correct and effective solution to shortage of time, incompleteness, uncertainty and unreliability of information, and taking into account the risks. When we are making decisions taking into account the risks, it is necessary to solve the following tasks: determination of quantitative characteristics of risk; determination of quantitative indicators for the effectiveness of decisions in the presence of risks; distribution of resources between means of countering threats, and means that are aimed at improving information security. The known methods for solving the first problem provide for the identification of risks (qualitative analysis), as well as the assessment of the probabilities and the extent of possible damage (quantitative analysis). However, at the same time, the task of assessing the effectiveness of decisions taking into account risks is not solved and remains at the discretion of the expert. The suggesting method of decision support under threats and risks has been developed by modifying the methods of targeted evaluation of options. The relative efficiency in supporting measures to develop measures has been calculated as a function of time given on a time interval. The main idea of the proposed approach to the analysis of the impact of threats and risks in decision-making is that events that cause threats or risks are considered as a part of the decision support system. Therefore, such models of threats or risks are included in the hierarchy of goals, their links with other system's parts and goals are established. The main functional modules that ensure the continuous and efficient operation of the decision support system are the following subsystems: subsystem for analysing problems, risks and threats; subsystem for the formation of goals and criteria; decision-making subsystem; subsystem of formation of the decisive rule and analysis of alternatives. Structural schemes of functioning are constructed for each subsystem. The given block diagram provides a full-fledged decision-making process.
APA, Harvard, Vancouver, ISO, and other styles
7

Cao, Xiao Li. "Research on Method of Information System Information Security Risk Management." Advanced Materials Research 926-930 (May 2014): 4105–9. http://dx.doi.org/10.4028/www.scientific.net/amr.926-930.4105.

Full text
Abstract:
With the popularity of the Internet and global information continues to advance organizational information systems have become an important strategic resource for the survival of the importance of information security to protect its widespread concern. Once the information security organization information system is destroyed, the Organization for Security attribute information would cause tremendous impact the organization's business operation, the losses include not only economic, but also likely to organize image, reputation is a strategic competitive advantage even fatal injuries. However, the existing information systems of information security risk management approach to information system risk analysis and assessment with specific organizational environment and business background with fragmentation, lack of risk analysis and description of the formation process, carried only consider "technical" factors security decisions, lack of full expression to achieve the desired goal of a number of decisions on organizational decision-making. Therefore, the information system to carry information security risk management is essential.
APA, Harvard, Vancouver, ISO, and other styles
8

Liu, Hai Bin, Fei Li, and Wen Qiong Li. "Risk Management of Information System Project." Applied Mechanics and Materials 357-360 (August 2013): 2826–29. http://dx.doi.org/10.4028/www.scientific.net/amm.357-360.2826.

Full text
Abstract:
Risk and its management of information system project has not been too much attention, while its play an important role in the success of information system project. Risk categories, consequences, drivers and action approaches are analyzed and risk management procedure of information system project is proposed in order to carry out effective risk management during information system project management.
APA, Harvard, Vancouver, ISO, and other styles
9

Pontius, Frederick W. "Tapping USEPA's Integrated Risk Information System." Journal - American Water Works Association 85, no. 6 (June 1993): 22–108. http://dx.doi.org/10.1002/j.1551-8833.1993.tb06001.x.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Владимир Викторович, Москвичев,, Ничепорчук, Валерий Васильевич, Постникова, Ульяна Сергеевна, and Тасейко, Ольга Викторовна. "Information system of territorial risk assessment." Вычислительные технологии, no. 6 (December 23, 2022): 115–23. http://dx.doi.org/10.25743/ict.2022.27.6.010.

Full text
Abstract:
В работе представлен процесс создания интеллектуальной системы, предназначенной для оценки и управления рисками. Риск может иметь антропогенный, природный или социальный характер и относиться к различным территориальным группам. Сложность структурирования и сбора информации о государственной территориальной безопасности, а также различные методы оценки рисков обусловливают необходимость разработки модульной многозадачной системы. Модель поддержки системы управления информацией формализует проблемную область для обоснования совместного использования инновационных технологий. На основе модели разработана архитектура системы. Эта архитектура определяет состав, функциональные возможности, интерфейсы взаимодействия, а также организацию информационных ресурсов, которые использовались для поддержки управления. Здесь представлен результат работы прототипа информационной системы. The paper presents the process of creating an intelligent system designed to assess and manage risks. The risk can be anthropogenic, natural, or social in nature, and relate to different territorial groups. The complexity of structuring and collecting information on the state territorial security as well as various risk assessment methods, necessitates the development of a modular multitask system. The information management system support model formalizes the problem area to justify the joint use of innovation technologies. Based on the model, system architecture has been developed. This architecture defines the composition, functionality, interaction interfaces, and organization of information resources, that were used to support management. The operation results of the system prototype is presented.
APA, Harvard, Vancouver, ISO, and other styles
11

Ki-Aries, Duncan, Shamal Faily, Huseyin Dogan, and Christopher Williams. "Assessing system of systems information security risk with OASoSIS." Computers & Security 117 (June 2022): 102690. http://dx.doi.org/10.1016/j.cose.2022.102690.

Full text
APA, Harvard, Vancouver, ISO, and other styles
12

Kuzminykh, Ievgeniia, Bogdan Ghita, Volodymyr Sokolov, and Taimur Bakhshi. "Information Security Risk Assessment." Encyclopedia 1, no. 3 (July 24, 2021): 602–17. http://dx.doi.org/10.3390/encyclopedia1030050.

Full text
Abstract:
Information security risk assessment is an important part of enterprises’ management practices that helps to identify, quantify, and prioritize risks against criteria for risk acceptance and objectives relevant to the organization. Risk management refers to a process that consists of identification, management, and elimination or reduction of the likelihood of events that can negatively affect the resources of the information system to reduce security risks that potentially have the ability to affect the information system, subject to an acceptable cost of protection means that contain a risk analysis, analysis of the “cost-effectiveness” parameter, and selection, construction, and testing of the security subsystem, as well as the study of all aspects of security.
APA, Harvard, Vancouver, ISO, and other styles
13

Le, Kien. "ICT Effects and Enhancing Risk Management Information System (RMIS) in Medical Sector in Vietnam." Webology 19, no. 1 (January 20, 2022): 4942–51. http://dx.doi.org/10.14704/web/v19i1/web19331.

Full text
Abstract:
Measuring risk in medical sector in order to propose recommendation s is among concerns of scientists in recent years. In specific, using quantitative and analytical methods, author analyze ICT effects and IT applications in medical sector an hospitals, as well as analyze risk information to propose solutions to enhance risk management information system for Vietnam medical sector. Research findings show us that in order to give suitable suggestions for policy implications, firstly, study recognized that lower risks shown by beta values (< 1) among 57% of listed firms with lower risk. Last but not least, study stated that technology applications in medical sector can help doctors and nurses to manage, store and access better data and documents of patients. And Vietnam hospitals need to enhance more Risk management information system with strong support from IT (information technology) so that we could constantly improve service quality patient services, as well as build a favorable working environment for staff both professionally and professionally, etc.
APA, Harvard, Vancouver, ISO, and other styles
14

Liu, Haiyan. "Study and Application of Urban Flood Risk Map Information Management System Based on SOA." Journal of Software 10, no. 2 (February 2015): 180–89. http://dx.doi.org/10.17706/jsw.10.2.180-189.

Full text
APA, Harvard, Vancouver, ISO, and other styles
15

Pangsuban, Preecha, Prachyanun Nilsook, and Panita Wannapiroon. "A Real-time Risk Assessment for Information System with CICIDS2017 Dataset Using Machine Learning." International Journal of Machine Learning and Computing 10, no. 3 (May 2020): 465–70. http://dx.doi.org/10.18178/ijmlc.2020.10.3.958.

Full text
APA, Harvard, Vancouver, ISO, and other styles
16

Zubovа, Lyudmila V., Eduard Viktorovich Korovin, Alexey Sergeevich Smirnov, Vladimir N. Kuzmin, and Andrey Valerievich Kurakov. "Development of Problem-Oriented Management and Decision-Making System and Optimization of Economic and Social Systems." Webology 18, SI05 (October 30, 2021): 436–51. http://dx.doi.org/10.14704/web/v18si05/web18239.

Full text
Abstract:
The main goal of this study is to develop the theory of risk tolerance in task-oriented processes (using the example of enterprises engaged in research, development, and engineering), which is preceded by an analysis of scientific and methodological provisions for substantiating management decisions when developing promising space rocket technology under economic risks. The complexity of developing the theory of risk tolerance using the example of enterprises involved in the development of military and dual-use equipment lies in the multistructured evaluating system itself, justified by its multicomponent structure and large scale of topological complexity and logic of functioning in various modes and under different conditions, which leads to the need to divide it into a set of subsystems as moving substances in the process of task-oriented processes that have informational, methodological, and algorithmic commonality. That is accompanied by the decentralization of information processing in a structural parametric uncertainty. In this regard, in order to parameterize the uncertainty processes, the authors present a risk tolerance level assessment process diagram in task-oriented processes when developing military and dual-use equipment. Using the algorithm for determining the marginal cost of risk, marginal risk tolerance, and marginal risk level of an economic entity according to the method of L.V. Zubova, the work presents an approach of potentially dangerous risks (PDR) categorization of the financial and economic sphere and suggests ways to minimize risk, taking into account, if possible, risk rejection, determining the "cost of no action" in the face of uncertainty.
APA, Harvard, Vancouver, ISO, and other styles
17

Safariants, D. S., and A. E. Sofiev. "Information system for calculating medical risk factors." Izvestiya MGTU MAMI 8, no. 3-3 (June 10, 2014): 94–99. http://dx.doi.org/10.17816/2074-0530-67586.

Full text
APA, Harvard, Vancouver, ISO, and other styles
18

Xie Xinyong, and XU Xibing. "Establishing an Overall Risk Management Information System." International Journal of Digital Content Technology and its Applications 7, no. 8 (April 30, 2013): 730–35. http://dx.doi.org/10.4156/jdcta.vol7.issue8.82.

Full text
APA, Harvard, Vancouver, ISO, and other styles
19

Chernysheva, T. Yu, E. V. Gnedash, T. Yu Zorina, and N. V. Lenskaya. "Information Systems Project Risk Assessment: Expert Approach." Applied Mechanics and Materials 682 (October 2014): 539–43. http://dx.doi.org/10.4028/www.scientific.net/amm.682.539.

Full text
Abstract:
Types of information system project risks have been analyzed. Models of Information System Risk Management are presented. Expert assessment of IS project risks by the Analytic Hierarchy Process is proposed.
APA, Harvard, Vancouver, ISO, and other styles
20

Pöyhönen, Jouni. "Cybersecurity risk assessment subjects in information flows." European Conference on Cyber Warfare and Security 21, no. 1 (June 8, 2022): 222–30. http://dx.doi.org/10.34190/eccws.21.1.263.

Full text
Abstract:
A modern society includes several critical infrastructures in which digitalization can have positive impacts on the levels of autonomy and efficiency in the use of infrastructure systems. Maritime transportation is an example of an infrastructure that currently needs development in the digitalization of its operations and processes. At the same time, maritime processes represent a large-scale cyber environment, thus trustable information distribution between system elements of the processes is needed. Since 2020, the Sea4Value / Fairway (S4VF) research program in Finland has been working to develop maritime digitalization which can lead to autonomy processes in the future. The first stage of the program has led to a demonstration phase of remote fairway piloting. This remote fairway piloting process, “ePilotage,” is a complex system-of-systems entity. In this entity, fairway systems, ship systems and control center systems are the main processes from the operational point of view. Remote pilotage operations need support processes such as vessel traffic service (VTS) and weather forecast services. Situation awareness from other vessels and the stakeholder’s processes are also essential information for the entire piloting operation. In this context, a new concept of information flows at the technical level will be based partly on cloud servers. In this paper, a cybersecurity risk assessment has been carried out at the technical level of information and communication technologies (ICT), and it concerns information transmission between a ship and a cloud server. It describes the most important topics for a comprehensive risk assessment in a specific ship-to-cloud information flow of the fairway process. The findings of the study can be considered good examples of the management of cybersecurity risks in critical information flows between all main system blocks of the fairway process. The research question is as follows: “How can the cybersecurity risks of information flows in a system-of-systems entity be described and evaluated?” The main findings are related to the risks of transmitting information from a ship to a cloud server. The methodology that has been used is based on analyzing the probabilities of cyberattacks occurring in relation to the probabilities to defend against these actions. The main risk assessment topics have been listed.
APA, Harvard, Vancouver, ISO, and other styles
21

MOROZOVA, OLGA, ARTEM TETSKYI, ANDRII NICHEPORUK, DENUS KRUVAK, and VITALII TKACHOV. "SMART HOME SYSTEM SECURITY RISK ASSESSMENT." Computer systems and information technologies, no. 3 (April 14, 2022): 81–88. http://dx.doi.org/10.31891/csit-2021-5-11.

Full text
Abstract:
The concept of the Internet of Things became the basis of the fourth industrial revolution, which allowed to transfer the processes of automation to a new saber. As a result, automation systems, such as smart homes, healthcare systems and car control systems, have become widespread. The developers of such systems primarily focus their efforts on the functional component, leaving safety issues in the background. However, when designing and operating IoT systems, it is equally important to assess potential bottlenecks and develop complete and comprehensive strategies to mitigate and eliminate the negative effects of cyberattacks. The purpose of this study is to identify possible cyber threats and assess their impact on critical information objects in the smart home system. To achieve this goal, the three-level architecture of the smart home system is considered and a review of known cyber threats for each level is conducted. The critical information objects in the smart home system are the containers in which the information objects are stored, the risk assessment criteria and the cyber threat scenarios. The information security risks of the smart home system were assessed using the OCTAVE Allegro methodology for the information object that presents the information collected by the smart home sensors.
APA, Harvard, Vancouver, ISO, and other styles
22

Nikiforov, O. V., O. G. Dodonov, and V. G. Putyatin. "The use of information technologies in risk management for the flight safety of aviation." Mathematical machines and systems 1 (2021): 32–41. http://dx.doi.org/10.34121/1028-9763-2021-1-32-41.

Full text
Abstract:
At present, the problem of ensuring the necessary level of state aviation flights safety in terms of hu-man and organizational factors is very urgent. Despite the ongoing measures aimed at expanding and strengthening control over the processes of aviation activity, flight incidents caused by insufficient reli-ability of personnel work and organizational errors continue to occupy leading positions. There is an in-sufficient efficiency of the flight safety management system to identify hazardous factors in their latent stage, which is necessary for the early prevention of accidents. The difficulty of timely identification of the aviation system dangerous states associated with these factors is due to the need to account, corre-late and analyze data of a very large dimension and multifacetedness. According to the authors, a suc-cessful solution to this problem is possible through the use of automated processing and cognitive com-bination of large heterogeneous information arrays based on centralized electronic systems for collect-ing, information and analytical processing and storage of information about the functioning of the avia-tion system, identified abnormal and dangerous conditions, and incidents that have already occurred. The article presents the concept of creating a promising automated flight safety management system for state aviation. The proposed system will make it possible to implement the principle of proactive detec-tion and prevention of hazardous factors and risks for flight safety, taking into account human and or-ganizational factors, based on the implementation of processes for centralized collection, generalization and analysis of big data on the state of the aviation system. Topical scientific tasks for the creation of a methodological basis for the development of special software for such an automated system have been formulated.
APA, Harvard, Vancouver, ISO, and other styles
23

Isaev, Eugeni, Dmitry Pervukhin, Georgy Rytikov, Ekaterina Filyugina, and Diana Hayrapetyan. "Risk-based efficiency assessment of information systems." Business Informatics 15, no. 1 (March 31, 2021): 19–29. http://dx.doi.org/10.17323/2587-814x.2021.1.19.29.

Full text
Abstract:
The implementation of information systems is aimed at improving the financial performance of a company, creating a transparent reporting system and improving many other competitive factors. However, the acquisition of these benefits does not negate the complexity of making a decision whether or not to implement a particular IT project. The total cost of ownership of the information system throughout the life cycle is usually not considered in comparison with the expected benefits from the use of the system, due to the uncertainty of such benefits. Comparative certainty of approaches and methods is present only in terms of costs, both for a priori (planned) and a posteriori (actual) assessment. It is possible to determine both capital and operating costs accurately enough. Indirect definition of the positive influence of an information system on the activity of the organization also seems possible. However, there are currently no generally recognized methods for analyzing the expected positive effect of an IT project. At the same time, large companies, in accordance with the requirements of the respective regulators and / or due to internal management considerations, build a risk management system to determine the level of capabilities, losses and to prevent adverse events. This study considers the feasibility of an approach to analyze the effectiveness of the implementation of the information system on the basis of the company’s risk reduction, leading to a decrease in economic benefits. It takes into account the internal risks of the information system that occur during the installation of the system, its operation and the termination of work with the system.
APA, Harvard, Vancouver, ISO, and other styles
24

Boubacar, Ibrahim, Marina Borisovna Budko, Mikhail Yurievich Budko, and Alexei Valerievich Guirik. "Ontological support of information security risk management." Proceedings of the Institute for System Programming of the RAS 33, no. 5 (2021): 41–64. http://dx.doi.org/10.15514/ispras-2021-33(5)-3.

Full text
Abstract:
As a result of the work focused on improving the efficiency of the information security system through the development of an ontological model and an approach based on it to ensure information security (IS) risk management, a flexible result was obtained, which is designed to ensure an increase in the efficiency of the information security system by reducing the time spent on managerial decision-making. At the end of the work, a comparative analysis of existing approaches and techniques to information security risk management and the described approach was carried out. Based on the developed ontology and approach, highly intelligent information security risk management systems and the information security system can be created on its basis.
APA, Harvard, Vancouver, ISO, and other styles
25

Powell, Philip L., and Jonathan H. Klein. "Risk Management for Information Systems Development." Journal of Information Technology 11, no. 4 (December 1996): 309–19. http://dx.doi.org/10.1177/026839629601100405.

Full text
Abstract:
This paper considers the application of project risk management techniques, methods and approaches to information systems development. The paper reviews current thinking on risk as it relates to information systems, and the approaches to risk that have been adopted in IS projects. The paper considers, in the context of IS, the processes of risk identification, structuring, assessment, and aggregation, and the use of such risk analysis to inform the process of risk management. The paper analyses available risk management techniques, and then proceeds to develop a comprehensive decision support system to aid risk analysis.
APA, Harvard, Vancouver, ISO, and other styles
26

Haeruddin. "Mapping Information Asset Profile In The Implementation Of Risk Management Information System Using Octave Allergo." JOURNAL OF INFORMATICS AND TELECOMMUNICATION ENGINEERING 3, no. 1 (July 25, 2019): 67. http://dx.doi.org/10.31289/jite.v3i1.2601.

Full text
Abstract:
<p class="JudulAbstrakEnglish"><em><span>The development of information systems that are very fast nowadays, encourages every organization to follow in order to escalate the competition. The technology that is widely used today is web-based technology. Apart from being easily accessible and used, this technology is vulnerable to any attacks; so using this information system will bring access risks by those who are not authorized. Therefore, risk management is something that needs to be considered in an organization to minimize the risks that will arise. Mapping the information asset profile can help Universitas Internasional Batam to evaluate, manage risks, and protect assets from the risks that will occur. The researcher used OCTAVE Allergo method in mapping and measuring Information Systems at Universitas Internasional Batam, consists of Academic Information Systems, Academic Portals, Registration Information Systems, Financial Information Systems, HR Information Systems. From the results of this study, Universitas Internasional Batam finds out which impact areas are the most effected: the reputation and customers trust, recognize the information of critical assets, mitigate assets that have high risks, in order to minimize unwanted risks.</span></em></p>
APA, Harvard, Vancouver, ISO, and other styles
27

Amraoui, Soumaya, Mina Elmaallam, Hicham Bensaid, and Abdelaziz Kriouile. "Information Systems Risk Management: Litterature Review." Computer and Information Science 12, no. 3 (June 17, 2019): 1. http://dx.doi.org/10.5539/cis.v12n3p1.

Full text
Abstract:
The security of a company&#39;s information system (IS) is an important requirement for the pursuit of its business. Risk management contributes to the protection of the IS assets. It saves the organism from the losses caused by the emergence of unwanted events having an incidence on the IS objectives and consequently on its strategy. It has also an important role in the decision making about entering new opportunities. In addition, it promises an optimal allocation of information system resources. The risk management process aims to analyze what can happen and what are the eventual consequences for the organization before deciding what needs to be done and reducing the risks to an acceptable level. This paper presents a literature review of IS risk management and gives a comparative analyse of its processes, methods and standards.
APA, Harvard, Vancouver, ISO, and other styles
28

Шинаков, Кирилл, Kirill Shinakov, Михаил Рытов, Mikhail Rytov, Оксана Голембиовская, Oksana Golembiovskaya, Ксения Чиркова, and Kseniya Chirkova. "SAFETY RISK ASSESSMENT OF INFORMATION SYSTEMS PROCESSING CONFIDENTIAL INFORMATION." Bulletin of Bryansk state technical university 2016, no. 2 (June 30, 2016): 193–200. http://dx.doi.org/10.12737/20289.

Full text
Abstract:
Confidential information processing in information systems under conditions of the universal informatization in both stateowned and private companies is an urgent problem. Many operators processing a trade secret or per-sonal data underestimate possible damage caused by the disclosure, deletion or change of confidential in-formation and afterwards become victims either of deliberate criminals or suits of workers whose rights were violated. In such a way, the safety risk assessment of confidential information processed in information systems is a priority trend both for an operator and for a subject of confidential information. As a result of the investigation carried out there was developed a procedure for risk assessment of information systems processing confidential information in which it is possible to define and process a critical group of threats, and also a system for the definition of sufficient and the best set of countermeasures among possible ones. At the intermediate and final stage there is defined a significance of an information safety risk witnessing of measures carried out for the assurance of confidential information safety.
APA, Harvard, Vancouver, ISO, and other styles
29

Wright, Sally, and Arnold M. Wright. "Information System Assurance for Enterprise Resource Planning Systems: Unique Risk Considerations." Journal of Information Systems 16, s-1 (January 1, 2002): 99–113. http://dx.doi.org/10.2308/jis.2002.16.s-1.99.

Full text
Abstract:
Enterprise Resource Planning (ERP) systems inherently present unique risks due to tightly linked interdependencies of business processes, relational databases, and process reengineering. Knowledge of such risks is important in planning and conducting assurance engagements of the reliability of these complex computer systems. Yet, there is little empirical evidence on this issue. To examine this topic, a semi-structured interview study was conducted with 30 experienced information systems auditors (from 3 of the Big 5 firms) who specialize in assessing risks for ERP systems. This approach allowed us to obtain detailed information about participants' views and client experiences. The results indicate that the implementation process of ERP systems has an important impact on system reliability. Further, interviewees identified a number of common implementation problems (e.g., improperly trained personnel and inadequate process reengineering efforts) that result in heightened risks. Interviewees also reported that ongoing risks differ across applications and across vendor packages. Finally, in providing assurance on ERP systems participants overwhelmingly indicate a focus on testing the process rather than system output.
APA, Harvard, Vancouver, ISO, and other styles
30

Erokhin, V. V. "MANAGEMENT OF INTERNAL RISKS OF A COMMERCIAL BANK USING INFORMATION SYSTEMS." Juvenis scientia, no. 10 (2018): 28–31. http://dx.doi.org/10.32415/jscientia.2018.10.05.

Full text
Abstract:
The article deals with the modern approaches to improve the management of internal banking risk on the basis of the methodological foundations of development and realization of the information system for the evaluation of commercial bank internal risks. Software implementation of a mathematical formalization of the banking risk management allows you to define the characteristics of reliability of banking information systems even prior to their commissioning. Reviewed by the internal control system of commercial bank risk. Internal risk assessment scale developed by banks. The technique of building architecture of an information system for the evaluation of commercial bank internal risks.
APA, Harvard, Vancouver, ISO, and other styles
31

Zhang, Zhi Guo. "Research on Construction of Risk Information Mining System in Programme." Advanced Materials Research 255-260 (May 2011): 3928–32. http://dx.doi.org/10.4028/www.scientific.net/amr.255-260.3928.

Full text
Abstract:
Programme management is integrated and coordinated management for multitudinous interactive Projects, It is a very important part of multi-Project management and trend for Project management development. Compared with single project management, It may face more kind and more complicated risks in the process of programme management. on the base of programme risk management, the paper analyze concept, characters, classification of risk information ,and designed system of programme risk information mining, then analyze the factors. It can provide a basis for the risk management.
APA, Harvard, Vancouver, ISO, and other styles
32

F. Onaolapo, Oladipo,. "IMPACT AND RISK ANALYSIS OF AEROSPACE INFORMATION SYSTEM." IOSR Journal of Engineering 2, no. 1 (January 2012): 38–41. http://dx.doi.org/10.9790/3021-0213841.

Full text
APA, Harvard, Vancouver, ISO, and other styles
33

Wilda, Anisa Nurul, Yasmini Fitriyati, and Izzati Muhimmah. "Information System for Monitoring High-Risk Pregnant Women." IJID (International Journal on Informatics for Development) 10, no. 1 (June 23, 2021): 31–37. http://dx.doi.org/10.14421/ijid.2021.2269.

Full text
Abstract:
Maternal mortality rates are still high in several areas, including Bantul Regency, Special Region of Yogyakarta. Based on the data obtained from the Bantul District Health Office, from 2018 to 2019, 28 pregnant women died. Posyandu and Puskesmas cadres often encounter problems in collecting data on pregnant women because they still use manual methods. Manual records using books has disadvantages because sometimes pregnant women forget to bring their books. Therefore, an application for recording pregnancy history is needed to enable convenient monitoring by Posyandu cadres, Puskesmas, doctors, and hospitals in order that pregnant women patients can be handled properly in case of emergency. The application used by pregnant women is Mobile App-based, meanwhile, the Web-based Monitoring Information System is used by Posyandu cadres, Puskesmas, doctors, and hospitals. The application allows displaying the medical history and makes it easier for pregnant women to have counseling or examinations without meeting directly with the doctor. If there are any problems in the womb, the doctor will immediately provide a solution or recommendation. The results of the system testing with 15 respondents as users show that 52,1% strongly agree, 37,7% agree, and 10,2% neutral in response to the system interface. The implementation of the information system for monitoring high-risk pregnant women in the majority is accepted by all actors. Hence, it can be concluded that in an attempt to digitalize manual recording of pregnant women's examinations, this information system for monitoring high-risk pregnant women is reliable to be implemented.
APA, Harvard, Vancouver, ISO, and other styles
34

XU Shaobing, and XU Xibing. "Overall Risk Management Information System of Steel Group." International Journal of Digital Content Technology and its Applications 7, no. 8 (April 30, 2013): 736–40. http://dx.doi.org/10.4156/jdcta.vol7.issue8.83.

Full text
APA, Harvard, Vancouver, ISO, and other styles
35

Phusavat, Kongkiti, Pornthep Anussornnitisarn, Rosemarin Sukhasem, Bordin Rassameethes, and Binshan Lin. "ICT risk for government financial management information system." Electronic Government, an International Journal 7, no. 2 (2010): 101. http://dx.doi.org/10.1504/eg.2010.030922.

Full text
APA, Harvard, Vancouver, ISO, and other styles
36

Subrahmanyam, Dr Kodukula, M. Haritha, V. Tejaswini, Ch Balaram, and C. Dheeraj. "Information Security and Risk Management for Banking System." International Journal of Computer Trends and Technology 10, no. 3 (April 25, 2014): 171–76. http://dx.doi.org/10.14445/22312803/ijctt-v10p129.

Full text
APA, Harvard, Vancouver, ISO, and other styles
37

Septian, R. F., and G. C. Pamuji. "Risk Analysis of Dutch Healthcare Company Information System." IOP Conference Series: Materials Science and Engineering 662 (November 20, 2019): 022041. http://dx.doi.org/10.1088/1757-899x/662/2/022041.

Full text
APA, Harvard, Vancouver, ISO, and other styles
38

Hung, Yu Wen, Shih-Chieh Hsu, Zhi-Yuan Su, and Hsieh-Hong Huang. "Countering user risk in information system development projects." International Journal of Information Management 34, no. 4 (August 2014): 533–45. http://dx.doi.org/10.1016/j.ijinfomgt.2014.02.003.

Full text
APA, Harvard, Vancouver, ISO, and other styles
39

Chu, Xiaodong, Weihao Wang, Maosen Tang, Haoyi Huang, and Lei Zhang. "Information system risk assessment for global energy interconnection." IOP Conference Series: Earth and Environmental Science 227 (March 2, 2019): 032044. http://dx.doi.org/10.1088/1755-1315/227/3/032044.

Full text
APA, Harvard, Vancouver, ISO, and other styles
40

Taherdoost, Hamed. "A Review on Risk Management in Information Systems: Risk Policy, Control and Fraud Detection." Electronics 10, no. 24 (December 9, 2021): 3065. http://dx.doi.org/10.3390/electronics10243065.

Full text
Abstract:
Businesses are bombarded with great deals of risks, vulnerabilities, and unforeseen business interruptions in their lifetime, which negatively affect their productivity and sustainability within the market. Such risks require a risk management system to identify risks and risk factors and propose approaches to eliminate or reduce them. Risk management involves highly structured practices that should be implemented within an organization, including organizational planning documents. Continuity planning and fraud detection policy development are among the many critically important practices conducted through risk management that aim to mitigate risk factors, their vulnerability, and their impact. Information systems play a pivotal role in any organization by providing many benefits, such as reducing human errors and associated risks owing to the employment of sophisticated algorithms. Both the development and establishment of an information system within an organization contributes to mitigating business-related risks and also creates new types of risks associated with its establishment. Businesses must prepare for, react to, and recover from unprecedented threats that might emerge in the years or decades that follow. This paper provides a comprehensive narrative review of risk management in information systems coupled with its application in fraud detection and continuity planning.
APA, Harvard, Vancouver, ISO, and other styles
41

Taylor, David, Derek Williamson, Harprit Kaur, Kevin Macintosh, Leo Brewster, and Ramon Roach. "BARBADOS NATIONAL COASTAL RISK INFORMATION AND PLANNING PLATFORM A SOFTWARE SYSTEM FOR HAZARDS, VULNERABILITY & RISK." Coastal Engineering Proceedings, no. 36 (December 30, 2018): 55. http://dx.doi.org/10.9753/icce.v36.risk.55.

Full text
Abstract:
The Barbados National Coastal Risk Information and Planning Platform (NCRIPP) is a study nearing completion to quantify coastal risk and develop a software system to serve this information country-wide. The NCRIPP follows extensive coastal baseline studies and includes assessment of eight hazards, vulnerability assessment and finally a risk assessment. The software platform is a cloud-based system that includes a large catalogue of assets, hazard overlays, and the ability to calculate damages , and mitigation alternatives.
APA, Harvard, Vancouver, ISO, and other styles
42

OLSON, DAVID L., and DESHENG DASH WU. "MULTIPLE CRITERIA ANALYSIS FOR EVALUATION OF INFORMATION SYSTEM RISK." Asia-Pacific Journal of Operational Research 28, no. 01 (February 2011): 25–39. http://dx.doi.org/10.1142/s021759591100303x.

Full text
Abstract:
Information technology (IT) involve a wide set of risks. Enterprise information systems are a major developing form of information technology involving their own set of risks, thus creating potential blind spots. This paper describes risk management issues involved in enterprise resource planning systems (ERP) which have high impact on organizations due to their high cost, and their pervasive impact on organizational operations. Alternative means of acquiring ERP systems, to include outsourcing to application service providers (ASPs) are available. But outsourcing ERP involves many risks that are often overlooked. After identification of typical risks involved with representative alternative forms of ERP, multiple criteria analysis is proposed as a useful tool for tradeoff analysis in this selection decision. SMART is compared with popular approaches such as DEA and PCA- based DEA. A demonstration of how multiple criteria analysis can be applied in the international ERP alternative selection decision is given by including outsourcing to China and South Korea.
APA, Harvard, Vancouver, ISO, and other styles
43

Raz, Tzvi, and Matthew F. Baretich. "ARMIS: A microcomputer-based hospital risk management information system." Journal of Medical Systems 9, no. 5-6 (December 1985): 315–24. http://dx.doi.org/10.1007/bf00992570.

Full text
APA, Harvard, Vancouver, ISO, and other styles
44

Anton, Nicolae, and Anișor Nedelcu. "The Systemic Approach to Information Protection in Relation to Risk in an Integrated Information Security System." Applied Mechanics and Materials 760 (May 2015): 689–94. http://dx.doi.org/10.4028/www.scientific.net/amm.760.689.

Full text
Abstract:
This paper presents an approach to the risk of information security. By taking into consideration how critical it is for a system, each category of information should be associated with a correspondent level of security risk and each level of security risk must be defined by appropriate measures to control the risks for information security. Equally important is how many levels of security risk are defined for information, or how they are classified. It is critical, however, that the model adopted reflects all the objectives that the system requires.
APA, Harvard, Vancouver, ISO, and other styles
45

Costa, Fábio, Patrícia Santos, João Varajão, Luís Torres Pereira, and Vitor Costa. "Risk Management Information System Architecture for a Hospital Center." International Journal of Healthcare Information Systems and Informatics 8, no. 4 (October 2013): 58–72. http://dx.doi.org/10.4018/ijhisi.2013100105.

Full text
Abstract:
In modern day’s institutions, risk management plays a crucial role as it aims to minimize the likelihood of adverse events and contributes to improve the quality of services delivery. In health care, an effective risk management is only possible if supported by information systems that can produce high quality measures and meaningful risk indicators. These indicators will then allow the healthcare organization to self-assess by identifying critical gaps and opportunities for improvement in several frontiers. Such an organizational thrust is not only warranted for competitiveness but also fundamental for the purpose of benchmarking, accreditation and certification. Additionally, monitoring of specific indicators is often required by the tutelage. However, the development of a risk management system can be an arduous process due to the inherent complexity of clinical systems. This paper presents an architecture for the implementation of a risk management information system, using as example the case of CHTMAD, a Portuguese hospital center.
APA, Harvard, Vancouver, ISO, and other styles
46

Kalashnikov, Andrey, and Evgenia Anikina. "Management of Information Risks for Complex System Using the «Cognitive Game» Mechanism." Voprosy kiberbezopasnosti, no. 4(38) (2020): 2–10. http://dx.doi.org/10.21681/2311-3456-2020-04-2-10.

Full text
Abstract:
Purpose of the article: development of mechanisms for solving problems of information risk management of complex systems in conditions of uncertainty and mutual influence of system elements on each other. Research method: game-theoretic mathematical modeling of risk management processes in complex systems based on arbitration schemes and multistep games on cognitive maps. The result: a general model of a complex system (for example, a heterogeneous computer network) is considered, within which the risk manager (risk-manager) carries out effective risk management by distributing the resource at his disposal among its elements (nodes of a computer network). To assess the state of the system elements, functions of local risk are proposed that satisfy certain specified requirements, and to assess the state of the system as a whole, an integral risk function is proposed. It is shown that in the case of independence (absence of mutual influence on each other) of the system elements to find an effective resource allocation, a game-theoretic approach can be used based on an arbitration scheme based on the principles of stimulation and non-suppression (MS-solution). For the case when changes in the level of risk for one element of the system can have a significant impact on the levels of risks of other elements, it is proposed to use game-theoretic models based on the MS-solution and a multistep “cognitive game”.
APA, Harvard, Vancouver, ISO, and other styles
47

KVASNYTSKA, Raisa, Iryna FORKUN, and Tetyana GORDEEVA. "MODERN APPROACHES TO PROVIDING INFORMATION SECURITY OF PAYMENT SYSTEMS AND THEIR CYBER PROTECTION." Herald of Khmelnytskyi National University. Economic sciences 310, no. 5(1) (September 29, 2022): 47–52. http://dx.doi.org/10.31891/2307-5740-2022-310-5(1)-8.

Full text
Abstract:
The article analyzes the domestic and international approaches of scientists and financial institutions regarding the interpretation of the concept of payment systems and proposes the author’s interpretation of this category as “an organizationally formed set of system participants and the relations between them regarding the transfer of funds based on recognized legal norms at the level of sovereign countries or at the international level. The peculiarities of the payment systems’ functioning and the possibility of taking into account the international standards for the exchange of financial messages ISO 20022 in the payment infrastructure of Ukraine were analyzed, which will allow to harmonize the Ukrainian payment area with the world, to expand the details of payments with additional information, to increase the level of service and efficiency of payments, to enrich the functional content of payment instruments for the benefit of banks and their customers, increase the level of automation of payments. It was determined that the area of the payment systems’ functioning belongs to the risky spheres of activity. The typification of the payment systems’ risks of banking and non-banking institutions, determined by the regulations of the National Bank of Ukraine, defines such types of risks as legal, payment, operational, systemic and financial risks. It is substantiated that the basis of the effective functioning of banking institutions in conditions of uncertainty is the identification and management of risks inherent in banking activity. At the same time, the emphasis is on the fact that a component of operational risk is such a type of risk as cyber risk, which is considered as the risk of realizing cyber threats to information resources and/or information infrastructure, as well as the consequences of such events. Because modern payment systems are intermediaries in the movement of funds, and therefore are at risk of negative influences, challenges, threats and dangers, which can lead to damage to the national interests of states, it is proposed to consider cyber risk as a separate type of risks of the payment systems’ functioning. In order to prevent, detect, respond, absorb cyber risk, and ensure adaptability and the ability to restore the payment system, the central bank of the state should increase the level of information security and cyber protection in the field of funds transfer. The information security policy of banks must be constantly supplemented and changed in accordance with the specified set of criteria for assuring information security.
APA, Harvard, Vancouver, ISO, and other styles
48

Qi, Xian Jun, Xiang Tian Peng, and Xiang Yu Huang. "Imprecise Risk Assessment of Power System." Applied Mechanics and Materials 492 (January 2014): 526–30. http://dx.doi.org/10.4028/www.scientific.net/amm.492.526.

Full text
Abstract:
The incomplete probabilistic information can lead to imprecision. The traditional power system risk assessment can only deal with random information, but it cannot deal with the imprecise information. Interval Probability (IP) can reflect both randomness and imprecision. The risk assessment of power system based on IP is an effective method to deal with imprecision and can provide more useful information to the decision-makers. In the paper, the completeness degree of probabilistic information was depicted by IP. The nonlinear optimization models for imprecise risk assessment of generating system and composite generation-transmission system were established. And the genetic algorithm was used to obtain the upper and lower bound of reliability indices. Case study on revised IEEE-RTS79 and IEEE-RBTS system showed the rationality and equity of presented method.
APA, Harvard, Vancouver, ISO, and other styles
49

Xie, Yi, Jia Liu, Shufan Zhu, Dazhi Chong, Hui Shi, and Yong Chen. "An IoT-based risk warning system for smart libraries." Library Hi Tech 37, no. 4 (November 18, 2019): 918–32. http://dx.doi.org/10.1108/lht-11-2017-0254.

Full text
Abstract:
Purpose When integrating smart elements offered by emergent technologies, libraries are facing the challenges of technological renovation and maintaining their operation using emerging technology. Given the importance of smart library, new technologies are needed in building new libraries or renovation of existing libraries. The purpose of this paper is to propose a risk warning system for library construction or renovation in the aspect of risk management. Design/methodology/approach The proposed Internet of Things (IoT)-based system consists of sensors that automatically monitor the status of materials, equipment and construction activities in real time. AI techniques including case-based reasoning and fuzzy sets are applied. Findings The proposed system can easily track material flow and visualize construction processes. The experiment shows that the proposed system can effectively detect, monitor and manage risks in construction projects including library construction. Originality/value Compared with existing risk warning systems, the proposed IoT-based system requires less data for making dynamic predictions. The proposed system can be applied to new builds and renovation of libraries.
APA, Harvard, Vancouver, ISO, and other styles
50

Litvinchuk, Iryna, Ruslan Korchomnyi, Nataliia Korshun, and Maksym Vorokhob. "APPROACH TO INFORMATION SECURITY RISK ASSESSMENT FOR A CLASS «1» AUTOMATED SYSTEM." Cybersecurity: Education, Science, Technique 2, no. 10 (2020): 98–112. http://dx.doi.org/10.28925/2663-4023.2020.10.98112.

Full text
Abstract:
The article is devoted to the assessment of information security risks in automated systems of class "1". An adapted approach to the assessment of information security risks in such automated systems using the Methodology and requirements of the standards of GSTU SUIB 1.0 / ISO / IEC 27001: 2010 and GSTU SUIB 2.0 / ISO / IEC 27002: 2010 is proposed. The efficiency and methods of implementation of the approach are proved on the example of consideration of real threats and vulnerabilities of class 1 automated systems. The main requirement for the creation of information security management system in the organization is risk assessment and identification of threats to information resources that are processed in information and telecommunications systems and speakers. The basic standards on information security in Ukraine are considered, which give general recommendations for the construction and assessment of information security risks within the ISMS. The most common methods and methodologies for assessing information security risks of international standard are analyzed, their advantages and disadvantages are identified. The order of carrying out of works on an estimation of risks of information security of the AS of a class "1" is defined. The vulnerabilities considered by the expert according to the standard ISO/IEC 27002:2005 and the Methodology are given. A conditional scale for determining the impact on the implementation of threats to integrity, accessibility, observation is given. Measures and means of counteracting the emergence of threats are proposed. This approach can be used both for direct information risk assessment and for educational purposes. It allows to get the final result regardless of the experience and qualifications of the specialist who conducts risk assessment, with the subsequent implementation and improvement of the existing risk management system in the organization.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the bibliographies on the topic 'Information system (IS) risk' for other source types:
Dissertations / Theses Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography