{"title":"朝着明确的IT风险定义迈进","authors":"Maksim Goman","doi":"10.1145/3277570.3277586","DOIUrl":null,"url":null,"abstract":"The paper addresses the fundamental methodological problem of risk analysis and control in information technology (IT) -- the definition of risk as a subject of interest. Based on analysis of many risk concepts, we provide a consistent definition that describes the phenomenon. The proposed terminology is sound in terms of system analysis principles and applicable to practical use in risk assessment and control. Implication to risk assessment methods were summarized.","PeriodicalId":164597,"journal":{"name":"Proceedings of the Central European Cybersecurity Conference 2018","volume":"471 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Towards unambiguous IT risk definition\",\"authors\":\"Maksim Goman\",\"doi\":\"10.1145/3277570.3277586\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The paper addresses the fundamental methodological problem of risk analysis and control in information technology (IT) -- the definition of risk as a subject of interest. Based on analysis of many risk concepts, we provide a consistent definition that describes the phenomenon. The proposed terminology is sound in terms of system analysis principles and applicable to practical use in risk assessment and control. Implication to risk assessment methods were summarized.\",\"PeriodicalId\":164597,\"journal\":{\"name\":\"Proceedings of the Central European Cybersecurity Conference 2018\",\"volume\":\"471 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-11-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the Central European Cybersecurity Conference 2018\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3277570.3277586\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Central European Cybersecurity Conference 2018","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3277570.3277586","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The paper addresses the fundamental methodological problem of risk analysis and control in information technology (IT) -- the definition of risk as a subject of interest. Based on analysis of many risk concepts, we provide a consistent definition that describes the phenomenon. The proposed terminology is sound in terms of system analysis principles and applicable to practical use in risk assessment and control. Implication to risk assessment methods were summarized.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
