MODEL OF INFORMATION RISK MEASUREMENT IN CORPORATE SYSTEMS
Journal Title: Вісник Київського національного університету імені Тараса Шевченка. Економіка. - Year 2015, Vol 6, Issue 171
Abstract
The features and world experience of information risk management are analyzed. The process of the modern enterprise is essentially an information process. Corporate information system supports the automation of management functions of the company and ensures the supply of information to improve management decisions. Information risk (IT-risk) is an economic category that is associated with overcoming of the uncertainty at all stages of information processes. IT-risk displays the degree of possible losses as a consequence of changes in the quality and properties of information under the influence of internal and external factors. The purpose of information risk management is the decrease of possible losses and the establishment of rational and economically reasonable volume of costs that are directed on counteracting to IT-risks. The necessity of a comprehensive approach to the analysis and management of information risks in corporate systems is proved. A scheme of IT- risks' decomposition for further analysis was built. Basic key steps of information risks' learning andevaluation can be identified: identification of information resources (assets) of companies that may be the subject of possible threats and determination of the level of corporative security threats; evaluation of the corporative security controls' effectiveness; evaluation of vulnerability of the corporate system, seen as a result of the probable level of threat and level of control strength; evaluation of the loss events frequency as a result of threats and corporate system vulnerability; evaluation of the probable losses from risks in corporate information systems; evaluation of risks in corporate information systems as a result of the loss events frequency and the probable losses as a consequence of information risks. The economic-mathematical model was built with the application of the theory and tools of fuzzy sets and fuzzy logic, which can more accurately measure the risk of information and make effective decisions in reducing the risk of possible lost in the corporate systems.
Authors and Affiliations
Halyna Melnyk
Keywords
Related Articles
- EP ID EP393974
- DOI 10.17721/1728-2667.2015/171-6/9
- Views 61
- Downloads 0
Comparativism of Definitions "Systemically Important" and "Systematic Financial Institutions"
A comparative analysis of the definitions of "systemically important", "systemically significant", "systematic financial institutions" was conducted, and the correlation between definitions was established in the article...
FINANCIAL MARKET OF AZERBAIJAN: CURRENT CONDITION AND FUTURE PERSPECTIVES
This article covers the studies of the economic model of Azerbaijan. The stages of its development and specific features are shown. It is pointed out that the base of the national economy is the production and transporta...
ANALYSIS OF THE ORIGIN, MODERN CHARACTERISTICS AND PROSPECTS OF DETERMINING THE PROFILE OF UKRAINIAN MANAGER
The article is devoted to the development of the initial theoretical and methodological provisions for the study of profile of modern Ukrainian manager. The results of the corresponding applied empirical analysis carried...
Prospects of Introducing Innovations in Personal Insurance on The Example of Foreign Countries
In order to find ways to innovate the development of personal insurance, problems were summarized and constraining factors that prevent personal insurance from developing as a separate insurance industry. These problems...
ТHEORETICAL AND APPLIED ASPECTS OF THE INTERNATIONAL INVESTMENT COMPETITIVENESS DEFINITION
The author proposes to allocate the definition of "international investment competitiveness" in the system of concepts that define the features of international investment at different levels of the economic system. Just...