Original scientific paper
https://doi.org/10.32985/ijeces.8.2.1
The Impact of Information System Risk Management on the Frequency and Intensity of Security Incidents
Hrvoje Očevčić
orcid.org/0000-0002-8719-536X
; Addiko Bank d.d.
Krešimir Nenadić
orcid.org/0000-0002-7843-682X
; Faculty of Electrical Engineering, Computer Science and Information Technology Osijek
Krešimir Šolić
; Josip Juraj Strossmayer University of Osijek, Faculty of Medicine
Tomislav Keser
orcid.org/0000-0001-7300-0659
; Josip Juraj Strossmayer University of Osijek, Faculty of Electrical Engineering, Computer Science and Information Technology Osijek
Abstract
The survey identified positive effects of work on information security risk management. Regarding the survey results of information system incidents, a significant reduction was recorded in the number of system downtime incidents. The scope of implementation of the risk assessment methodology is the whole ICT system, and therefore the implementation covers all parts of information assets. Positive effects are obtained by reducing the risk by known mitigation methods. Technical details of the implemented control measures were not considered in this paper. In accordance with the standards used in methodology development, significant and increasing levels of user awareness of ICT systems have been considered. The effects of all implemented measures have resulted in a significant increase in the availability of parts of ICT systems.
Keywords
downtime; risk assessment; risk mitigation; security incidents
Hrčak ID:
192910
URI
Publication date:
21.12.2017.
Visits: 2.351 *