SECURITY RISK MANAGEMENT MODEL
Journal Title: FBIM Transactions - Year 2019, Vol 0, Issue 2
Abstract
Worldwide there are many developed models for managing security risks. Within this thesis, the developed model with eight phases will be represented. The phase “Business System Identification” should identify all objects of a business system, the activities realized within it, and employees, because these potentially can be jeopardized by some threat. Therefore, it is necessary to make an estimation why and how a potential unpredictable event could influence a business system and all of its resources, as well as it should be determined whether potential unpredictable event, which could cause certain threat, represents the event which would cause damage which business system must not allow, or a specific potential event is irrelevant for it. In the phase “Threat Estimation” potential specific threats and situations in which these may occur are predicted. In this phase, the security risk estimation is not made, but the necessary information and instructions that will be used for the estimate are gathered. “Vulnerability Estimation“ is the phase of a security risk management model in which the strength and weakness of a business system should be recognized, related to security measures which protect the system from the surrounding influences. In the next phase, the security risk estimate is realized. All available, relevant (direct and indirect) security-related information are combined, in order to identify potential influence and the probability of the occurrence of a potential threat on the business system, i.e. to get the current level of security risk. In the phase “Security Measures and Strategies“ their development and creation are realized, in order to accomplish the reduction of probable occurrence of security risk and its harmful (dangerous) influence by their application. In the phase „Decision Making“ it is necessary to bring the decisions related to priorities, logistics support, timelines, financials, etc. This phase is realized in three steps, as follows: (1) Procedures for reducing the security risk to an acceptable level, (2) Priorities setting, and (3) Approving of financials and necessary resources. After this phase, the preparation and implementation of developed security measures are realized by this model. In the end, the evaluation of everything done is made, potentially, necessary corrections are realized, as well as the preparation for future modernization of security measures and strategies is made.
Authors and Affiliations
Nemanja Jovanov, Nikola Glodjovic, Goran Jovanov
Keywords
Related Articles
- EP ID EP655974
- DOI 10.12709/fbim.07.07.02.06
- Views 50
- Downloads 0
OBLIGATION TO IMPLEMENT TECHNICAL MEASURES FOR DATA PROTECTION BASED ON EU GDPR
On 25 May 2018 in all countries of the European Union came into force The General Data Protection Regulation – GDPR. The protection of the rights and freedoms of individuals with regard to the processing of personal data...
SOURCES OF FINANCING OF INNOVATIVE BUSINESS: VENTURE CAPITAL FUNDS
In the modern market economy aimed at innovative development, venture investment is one of the most promising tools. Considering the experience of the developed countries of the world, effective functioning of the ventur...
ANALIZA KONKURENTNOSTI BOSNE I HERCEGOVINE U KONTEKSTU PRISTUPNIH PROCESA EU
Iako postoji više definicija pojma konkurentnost, OECD je istu definisao kao sposobnost zemlje da u slobodnim i ravnopravnim tržišnim uslovima proizvodi robe i usluge koje prolaze test međunarodnog tržišta, uz istovremen...
SIGNIFICANCE AND VALUE OF BUSINESS INFORMATION AND MEASURES OF PROTECTION IN THE INDUSTRIAL ESPIONAGE
The world is full of data and information that has value in the business world. We always want to get information, but we cannot always have them at a crucial moment when we need them. The information can depend on the b...
SIGNIFICANCE OF ANTICIPATING DEMAND FOR THE INVENTORY MANAGEMENT PROCESS OF AN ENTERPRISE BY APPLYING THE MONTE CARLO SIMULATION
More than ever, market conditions are limited by financial resources. One of the major costs of business entities is the costs of inventory management. Successful business doing in modern conditions requires an efficient...