Search Results
-
The Information Security Risks of the BYOD
176-185
Views: 236
Today we cannot imagine our everyday lives without using our smart devices. While commuting we often run into people - even literally - who are doing their work on their portable devices 24 hours a day. This habit is widespread; there are many solutions that a corporation can use to have its employees work on their private devices, besides using them in their personal lives. They can use these devices at home, while commuting, or even in their own cubicle at the firm. In this article, we concentrate on the IT risks that this work practice poses to the firm, from a theoretical point of view. After this step, we will continue our research by investigating the problem of measuring and mitigating these risks.
-
Security Oriented Process Management
344-364
Views: 345
Abstract. The theoretical background of enterprise risk management can be considered as founded by the ISO 31000 standard family and the COSO recommendation. However, their application in a given company domain requires knowledge of the local environment and professional experience. Nowadays risk management is still anchored to functional fields or organisational units (e.g. logistics, finance, quality management, HR, IT). In the authors' view, this approach could result in parallel, multiple regulations of risk management. This could be avoided by a holistic view and a risk-based analysis of company processes. This study has three major goals:
- providing an overview of the bases of process and risk management,
- proposing a professional idea to be used in the risk management of processes (Is it possible to reduce business risk by analysing the availability of resources assigned to processes?),
- providing a review of standards and recommendations which can be used in process risk management.
-
The Role of Information Security in the Business Processes
1-13
Views: 123
Information security (namely, confidentiality, integrity, and availability of business-related data) is an issue to which companies attach increasing importance nowadays. This is, however, not a self-centred goal to achieve, but an (additional) means businesses use to work towards security in their overall operations. In addition to briefly presenting two case studies on information security practices, this paper offers a survey of terms and management practices linked with process security. Business continuity planning and risk management techniques - as outlined here in connection with information protection controls - may cover all business processes at any company.
-
Project Risks and Risky Projects
164-189
Views: 355
Projects are key drivers of organizational change; both their failure and their success can have a significant impact on organizational performance. Risks may arise throughout the entire project life cycle. Managing these and the initial project planning uncertainties is an important task of Project Management. The study describes the application of traditional project management tools and methods in risk analysis, evaluation and treatment, based on modern project and risk management standards and recommendations. The authors also examine the link between classic project management objectives (project time - resources - scopes) and risk-based decision-making. The different scale and scope of projects call for different responses to the associated risks. The study highlights the possible role of the ISO 31000 risk management standard package in project risk management. The authors analyse the risk management of the different projects on the basis of processing relevant literature, including the relationship of the project stakeholders to the risks. R&D, agile projects and project portfolios have specific and complex risk exposures, but their project management can provide several "hidden" risk analysis and treatment functions.