MATEC Web of Conferences (Jan 2017)
Multi-faceted methodology of the risk analysis and management referring to the IT system supporting the processing of documents at different levels of sensitivity
Abstract
This article outlines the methodology of the IT system risk analysis and management, including various categories of risk factors significant from the point of view of the sensitive data processing and completeness of the procedure for determining the IT system risk level. The presented methodology is divided into the IT system risk analysis and the risk management method. The IT system risk level assessed by the risk analysis method described in this article constitutes an input value for the risk management method outlined in the further part hereof, referring to the IT systems used for the processing of documents at different levels of sensitivity.