Chapter 15 Process-Centric Risk Management Framework for Information Security

Information security has become one of the most important responsibilities of all organizations due to increasing cyber threats. Attackers take advantage of systems vulnerabilities; therefore, system administrators should be aware of potential threats to take necessary actions to protect their organizations and stakeholders. At this point, a risk assessment is needed to discover possible threats for vulnerable systems of the organization and to implement strategies for the business goals. This study proposes a hybrid risk management framework using both qualitative and quantitative methods to analyze risk within organizations and reduce them with practical countermeasures. Based on this framework, case studies have been carried out considering three hypothetical companies identifying possible information security risks, and these risks have been reduced to an acceptable level by applying the proposed risk analysis methodology.

Download Full-text

A Hybrid Asset-Based IT Risk Management Framework

10.4018/978-1-6684-3698-1.ch004 ◽

2022 ◽

pp. 56-76

Author(s):

Baris Cimen ◽

Meltem Mutluturk ◽

Esra Kocak ◽

Bilgin Metin

Keyword(s):

Risk Management ◽

Information Security ◽

Quantitative Methods ◽

Security Risks ◽

Management Framework ◽

Qualitative And Quantitative Methods ◽

Risk Management Framework ◽

Analysis Methodology ◽

Business Goals ◽

It Risk

Information security has become one of the most important responsibilities of all organizations due to increasing cyber threats. Attackers take advantage of systems vulnerabilities; therefore, system administrators should be aware of potential threats to take necessary actions to protect their organizations and stakeholders. At this point, a risk assessment is needed to discover possible threats for vulnerable systems of the organization and to implement strategies for the business goals. This study proposes a hybrid risk management framework using both qualitative and quantitative methods to analyze risk within organizations and reduce them with practical countermeasures. Based on this framework, case studies have been carried out considering three hypothetical companies identifying possible information security risks, and these risks have been reduced to an acceptable level by applying the proposed risk analysis methodology.

Download Full-text

Identifying the social, cultural and behavioural factors influencing an operational risk management framework implementation--Tanzania

PsycEXTRA Dataset ◽

10.1037/e508832013-001 ◽

2012 ◽

Author(s):

A. Van Niekerk ◽

M. May ◽

K. Moalusi ◽

D. Geldenhuys ◽

M. Levin

Keyword(s):

Risk Management ◽

Operational Risk ◽

Management Framework ◽

Operational Risk Management ◽

Risk Management Framework ◽

Factors Influencing ◽

The Social ◽

Behavioural Factors

Download Full-text

Developing and implementing the risk management framework into business processes of Gazprom transgaz Tomsk Ltd., for implementation of the Eastern gas program of PJSC Gazprom

Issues of Risk Analysis ◽

10.32686/1812-5220-2020-17-1-68-77 ◽

2020 ◽

Vol 17 (1) ◽

pp. 68-77

Author(s):

V. E. Zaikovsky ◽

A. V. Karev

Keyword(s):

Risk Management ◽

Human Resources ◽

Management Information System ◽

Business Processes ◽

Project Success ◽

Management Information ◽

Timely Manner ◽

Project Approach ◽

Management Framework ◽

Risk Management Framework

Project success depends on the ability to respond to risks and make correct decisions in a timely manner. The project approach provides a better framework for implementing a new management system into the company’s business processes. The risk management framework developed by the company comprises a risk management infrastructure, a set of standards, human resources, and a risk management information system. To improve staff compliance, it is necessary to provide training and to communicate the goals of the project effectively. It is also important to develop a motivation system because well trained and motivated staff are able to work more efficiently.

Download Full-text