Assessing Information Security Risk Management in Organizations

نوع المستند : • البحوث والدراسات والمقالات المستوفاة للقواعد العلمیة المتعارف علیها، والتى یجریها أو یشارک فى إجرائها أعضاء هیئة التدریس والباحثون فى الجامعات ومراکز البحوث المصریة والعربیة، وذلک باللغتین العربیة والإنجلیزیة .

المؤلف

Sadat Academy for Management Sciences

المستخلص

ABSTRACT
Information security risks are those risks that arise from the loss of confidentiality, integrity or availability of information or information systems and reflect the potential adverse impacts to organizational operations (i.e., goal, mission, functions, image and reputation), organizational assets, personnel, other organizations, and the country as a whole. Risk assessment is the process of identifying, estimating, and prioritizing information security risks. Assessing risk requires the useful analysis of threat and vulnerabilities information to determine the extent to which events or circumstances could adversely impact on organization/institution and the likelihood that such events or circumstances will occur. 

الموضوعات الرئيسية