Журнал «Современная Наука»

Russian (CIS)English (United Kingdom)
MOSCOW +7(495)-142-86-81

Risk assessment in the functioning information system

Klyuev Andrey Sergeevich  (postgraduate student Far Eastern Federal University, Vladivostok)

Fajzenger Aleksej Arkad'evich  (post-graduate student Far Eastern Federal University, Vladivostok)

Yuriev Dmitriy Ruslanovich  (graduate student Far Eastern Federal University, Vladivostok)

For any information system, the risk is the likelihood of destructive impact on its components through the implementation of a threat to information security. Accordingly, one of the most necessary components underlying the creation of an information security system is the methodology for risk assessment. This article is devoted to the investigation of the methodology for assessing information security risks. The methodological base of the terminology of information security is considered, which shows the relationship of risks with other components of the information security process. An example of a typical information system of the organization is also given. The methodology used is based on the expert methodology for risk analysis in accordance with ISO / IEC 27005-2011, which includes: asset identification, threat identification, vulnerability identification, identification of countermeasures taken, identification of consequences, risk measurement, impact assessment, risk measurement. The relevance of the topic at the moment is due to the ever-increasing number of cyberthreats, the activity of intruders in the information environment, as well as the transition from a threat-oriented method of developing information security systems to a risk-oriented approach. The result of the work can be used in the construction of information security systems in various organizations, regardless of their scale and scope.

Keywords:risk, threat, vulnerability, incident, asset, confidentiality, integrity, accessibility, probability, consequences, countermeasure.

 

Read the full article …



Citation link:
Klyuev A. S., Fajzenger A. A., Yuriev D. R. Risk assessment in the functioning information system // Современная наука: актуальные проблемы теории и практики. Серия: Естественные и Технические Науки. -2018. -№05. -С. 105-109
LEGAL INFORMATION:
Reproduction of materials is permitted only for non-commercial purposes with reference to the original publication. Protected by the laws of the Russian Federation. Any violations of the law are prosecuted.
© ООО "Научные технологии"