SAFETY RISK ASSESSMENT OF INFORMATION SYSTEMS PROCESSING CONFIDENTIAL INFORMATION
Authors:
2.
Bryansk State Technical University
(Department of Information Security Systems, Head)
Bryansk, Bryansk, Russian Federation
Bryansk, Bryansk, Russian Federation
Type:
Article
Pages:
from 193
to 200
Status:
Published
Received:
24.06.2016
Accepted:
24.06.2016
Published:
24.06.2016
Language:
Russian
Keywords:
information systems, confidential information, estimate of safety risk, Churchman-Ackoff method
Abstract (English):
Confidential information processing in information systems under conditions of the universal informatization in both stateowned and private companies is an urgent problem. Many operators processing a trade secret or per-sonal data underestimate possible damage caused by the disclosure, deletion or change of confidential in-formation and afterwards become victims either of deliberate criminals or suits of workers whose rights were violated. In such a way, the safety risk assessment of confidential information processed in information systems is a priority trend both for an operator and for a subject of confidential information. As a result of the investigation carried out there was developed a procedure for risk assessment of information systems processing confidential information in which it is possible to define and process a critical group of threats, and also a system for the definition of sufficient and the best set of countermeasures among possible ones. At the intermediate and final stage there is defined a significance of an information safety risk witnessing of measures carried out for the assurance of confidential information safety.
Confidential information processing in information systems under conditions of the universal informatization in both stateowned and private companies is an urgent problem. Many operators processing a trade secret or per-sonal data underestimate possible damage caused by the disclosure, deletion or change of confidential in-formation and afterwards become victims either of deliberate criminals or suits of workers whose rights were violated. In such a way, the safety risk assessment of confidential information processed in information systems is a priority trend both for an operator and for a subject of confidential information. As a result of the investigation carried out there was developed a procedure for risk assessment of information systems processing confidential information in which it is possible to define and process a critical group of threats, and also a system for the definition of sufficient and the best set of countermeasures among possible ones. At the intermediate and final stage there is defined a significance of an information safety risk witnessing of measures carried out for the assurance of confidential information safety.
Keywords:
information systems, confidential information, estimate of safety risk, Churchman-Ackoff method
information systems, confidential information, estimate of safety risk, Churchman-Ackoff method
1. Code of the Russian Federation of Administrative Delinquency of 30.12.2001 №195-ФЗ (ed. от 31.12.2014) (withchanges and supplements came into force since 11.01.2015).
2. Official website “Business relationship group”.- access mode: http://www.brg-consulting.ru/.
3. SARS RF ISO/IEC 27005-2010. Information technology. Methods and means of information safety support. Management of information safety risk.
4. Methods of system quality assessment. Methods of expert assessments // Scientific Encyclopedia Book-Science. - Access mode: http://bookscience.ru.
