Information Security Risk Strategy at PT. X Using NIST SP 800-30

Author(s):  
I Gusti Ngurah Made Putra Eryawan ◽  
Gusti Made Arya Sasmita ◽  
Anak Agung Ketut Agung Cahyawan Wiranatha

Information security is a vital aspect that must be considered in the use of information technology devices by active users. PT. X runs a business that applies information technology related to distribution aspects through company resource planning. Its information technology assets consist of IT infrastructure, information systems, operating procedures, and network infrastructure. These assets face potential threats that cause disruption resulting in losses. This problem is addressed through a risk response strategy. The NIST SP 800-30 method has a flexible risk perspective for the organization and the federal standards of American security. The research is divided into risk measurement as a risk, risk mitigation as risk planning, and risk evaluation embodied in risk reports. Results of the research show that the value of risk, through the calculation of the likelihood and impact matrix of the highest threat, is 14 at the low level, 12 at medium, and 4 at high, which is categorized as good enough.

Keywords: Risk Strategy, Information Security, NIST SP 800-30, Risk

Author(s):  
W. Baker ◽  
G. Smith ◽  
K. Watson

Collaboration between supply chain partners, facilitated by integration of information flows, has created more efficient and effective networks. However, the benefits of interconnectivity are not gained without risk. Though essential to support collaboration, increased use of information technology has removed internal and external protective barriers around an organization’s assets and processes. Thus, supply chains are better able to satisfy the needs of customers while more vulnerable to an array of IT-specific risks. This chapter identifies the sources of IT threats in the supply chain, categorizes those threats, and validates them by means of a survey of 188 companies representing a range of supply chain functions. Analysis suggests that supply chain risk is affected by IT threats, and therefore the benefits of collaboration facilitated by IT integration must exceed the increase in risk due to IT security threats.


2018 ◽  
Vol 8 (2) ◽  
Author(s):  
Chen Kaiwen Clement ◽  
Siti Hajar Othman ◽  
Maheyzah Md Sirat

Nowadays, most fortunes of commercial banks are linked with the Information Technology (IT) assets they possess and the way they audit their organizations' IT assets. As information assets become the heart of commercial banks, Information Security Risk Audit and Assessment (ISRAA) is increasingly involved in managing commercial banks' information security risk situations. ISRAA is an activity that analyzes, audits, mitigates, and monitors the risks associated with IT assets. A more comprehensive and tighter regulatory environment is expected through the improvement of the ISRAA with clearer and appropriately defined regulatory guidelines. This research creates a unified view of ISRAA in the form of a metamodel that can be seen as a language for this domain. A metamodeling process is applied to ensure that the outcome metamodel is complete and consistent. The metamodel is validated and refined to serve as a representational layer to unify, facilitate and expedite access to ISRAA expertise.


2014 ◽  
Vol 687-691 ◽  
pp. 2015-2018
Author(s):  
Liang Hu ◽  
Yun Gen Hu

With the development of information technology, the application of information systems is increasingly widespread and social dependence on information systems is constantly increasing. Therefore, information security has become an important aspect of the development of information technology and has an important impact on economic development and social security. Effective information security risk assessment is an important measure to improve information technology.


Author(s):  
Stefan Fenz

For almost all private individuals and especially organizations, information technology (IT) including hardware, software, and data is an irreplaceable part of their everyday life/business. Thus, IT has to be protected in an adequate way to ensure that it delivers the expected services. Information security risk management (ISRM) helps to holistically protect IT and to minimize its failure probability at reasonable costs. This chapter shows why ISRM is important for e-businesses, gives a brief overview of the ISRM history, describes current problems in ISRM, and presents novel ISRM methods as potential solutions to the stated problems. The chapter closes with an outlook on future ISRM research directions.

