MODEL OF INFORMATION RISK MEASUREMENT IN CORPORATE SYSTEMS
Journal Title: Вісник Київського національного університету імені Тараса Шевченка. Економіка. - Year 2015, Vol 6, Issue 171
Abstract
The features and world experience of information risk management are analyzed. The process of the modern enterprise is essentially an information process. Corporate information system supports the automation of management functions of the company and ensures the supply of information to improve management decisions. Information risk (IT-risk) is an economic category that is associated with overcoming of the uncertainty at all stages of information processes. IT-risk displays the degree of possible losses as a consequence of changes in the quality and properties of information under the influence of internal and external factors. The purpose of information risk management is the decrease of possible losses and the establishment of rational and economically reasonable volume of costs that are directed on counteracting to IT-risks. The necessity of a comprehensive approach to the analysis and management of information risks in corporate systems is proved. A scheme of IT- risks' decomposition for further analysis was built. Basic key steps of information risks' learning andevaluation can be identified: identification of information resources (assets) of companies that may be the subject of possible threats and determination of the level of corporative security threats; evaluation of the corporative security controls' effectiveness; evaluation of vulnerability of the corporate system, seen as a result of the probable level of threat and level of control strength; evaluation of the loss events frequency as a result of threats and corporate system vulnerability; evaluation of the probable losses from risks in corporate information systems; evaluation of risks in corporate information systems as a result of the loss events frequency and the probable losses as a consequence of information risks. The economic-mathematical model was built with the application of the theory and tools of fuzzy sets and fuzzy logic, which can more accurately measure the risk of information and make effective decisions in reducing the risk of possible lost in the corporate systems.
Authors and Affiliations
Halyna Melnyk
Keywords
Related Articles
- EP ID EP393974
- DOI 10.17721/1728-2667.2015/171-6/9
- Views 69
- Downloads 0
THE CURRENT STATE OF APPLICATION OF INTERNATIONAL FINANCIAL REPORTING STANDARDS IN UKRAINE.
The article analyzed the process of reforming the system of accounting and reporting in Ukraine in accordance with International Financial Reporting Standards. The main results of the tasks of the Strategy of application...
USING HEURISTIC METHODS AND TECHNIQUES TO STIMULATE A COLLECTIVE CREATIVITY OF EMPLOYEES OF THE ENTERPRISE
The article deals withthe establishment and developmentof heuristictechniquesof stimulating creative activity of enterprise personnel based on science achievements and experience analysis. Creating free constructive ente...
THE IMPROVEMENT OF THE CONCEPT OF THE EFFICIENCY OF VENTURE BUSINESS'S ATTRACTION
The concept of the efficiency of venture business's attraction was developed in the article. The theoretical foundations of venture business's concept were explored, four approaches to venture business's understanding we...
STRENGTHENING THE COMPETITIVENESS OF NON-WASTE AGRICULTURAL PRODUCTION SUBJECTS
The widest implementation of non-waste technologies in agro-industrial production is the key to the functioning of a competitive agro-industrial complex. Therefore, an increase of the competitiveness of non-waste agricul...
THE WAYS OF INSTITUTIONALIZATION OF FORMS OF ECONOMY IN A SYSTEM OF AGRARIAN RELATIONS OF POST-SOCIALIST COUNTRIES
An experience of institutionalization of forms of economy of post-socialist countries in a system of agrarian relations is analyzed. Main directions of development of agrarian sector of Ukraine are determined. The necess...