The Impact of Information System Risk Management on the Frequency and Intensity of Security Incidents

Authors

  • Hrvoje Očevčić, Addiko Bank d.d., Slavonska avenija 6, Zagreb, Croatia
  • Krešimir Nenadić, Josip Juraj Strossmayer University of Osijek, Faculty of Electrical Engineering, Computer Science and Information Technology Osijek, Kneza Trpimira 2B, Osijek, Croatia
  • Krešimir Šolić, Josip Juraj Strossmayer University of Osijek, Faculty of Medicine, Cara Hadrijana 10/E, Osijek, Croatia
  • Tomislav Keser, Josip Juraj Strossmayer University of Osijek, Faculty of Electrical Engineering, Computer Science and Information Technology Osijek, Kneza Trpimira 2B, Osijek, Croatia

DOI:

https://doi.org/10.32985/ijeces.8.2.1

Keywords:

downtime, risk assessment, risk mitigation, security incidents

Abstract

The survey identified positive effects of the work done on information security risk management. The survey of information system incidents recorded a significant reduction in the number of system downtime incidents. The scope of implementation of the risk assessment methodology is the whole ICT system, and therefore the implementation covers all parts of information assets. Positive effects are obtained by reducing risk through known mitigation methods. Technical details of the implemented control measures were not considered in this paper. In accordance with the standards used in methodology development, significant and increasing levels of user awareness of ICT systems have been considered. The effects of all implemented measures have resulted in a significant increase in the availability of parts of ICT systems.

Published

2018-01-27

Issue

Section

Original Scientific Papers