Instytucjonalizacja i standaryzacja zarzadzania ryzykiem w systemie bezpieczenstwa informacji w przedsiebiorstwie

• Authors: Rot Artur

Title variants

EN

INSTITUTIONALIZATION AND STANDARDIZATION OF INFORMATION SECURITY RISK MANAGEMENT IN ENTERPRISE

• Languages of publication: PL

Abstracts

EN

Modern information systems are often complex, heterogeneous and dynamic. Technological progress and widespread use of information systems in business generate dependencies that cause the increase of diversity, complexity, uncertainty and the amount of risk factors. Therefore risk management, focusing on finding the optimal relationship between the risks and the cost of security issues, becomes increasingly important. Risk cannot be completely avoided, so it must be properly managed. Therefore organizations should implement standards, guidelines and best practices. The article presents selected standards concerning a very rapidly developing area which is information security risk management in an organization. The major ISO/IEC standards and selected best practices in this area are presented.

Keywords

EN

COBIT; ISO/IEC STANDARDS; RISK MANAGEMENT; SECURITY OF INFORMATION SYSTEMS

Discipline

• ECONOMICS: ECONOMICS

• Publisher: Wydawnictwo Uniwersytetu Ekonomicznego we Wrocławiu
• Journal: Informatyka Ekonomiczna
• Year: 2011
• Issue: 19
• Pages: 164-178
• Document type: ARTICLE

Contributors

author

Rot Artur

• Artur Rot, Uniwersytet Ekonomiczny we Wroclawiu, Katedra Inzynierii Systemow Informatycznych Zarzadzania, ul. Komandorska 118/120, 53-345 Wroclaw, Poland

Identifiers

CEJSH db identifier

11PLAAAA108014