engleski

DECISION SUPPORT BASED ON THE RISK ASSESSMENT OF INFORMATION SYSTEMS AND BAYESIAN LEARNING

Risk protection has long been one of the main tasks of companies in a wide scope of business. From extensive range of risks the cyber-risks highlight as one of the most important. Cyber- risks are generated from hackers, malicious software, disgruntled employees, competitors, and many other sources both internal and external. Internal and external attacks on corporate assets and rapidly growing technology forced corporate management to conduct more appropriate awareness of the information security risks to information assets. The information security risk assessment, when performed correctly, can give corporate managers the information they need in order to understand and control the risks to their assets. The risks are in much more detail analysed in economic sectors, but in recent years there is increasing of risk assessment practice in the world of information technology. The model presented in this paper integrates the management and analysis of information risks and decision- making theory and thus creates a framework for the integrated management information system based on the technological risk assessment and Bayesian learning. The paper shows simulation and two case study scenarios in which is presented a potentially wide range of usage.

Bayesian learning; information system risk; risk assessment; threats; vulnerabilities

nije evidentirano