Information System Risk Management Paper Essay Example | Topics and Well Written Essays - 1500 words

Information System Risk Management Paper - Essay ExampleThreats to an organization sens be both from internal sources and external. While the motives may vary, the system is vulnerable to several risks. This paper will examine the vulnerabilities, the potential threats and the levels of trade protection that could help reduce the risks and allow uninterrupted workflow.Risk has been defined as the chance of exposure to the adverse consequences of future events (Egbuji, 1999). The likelihood and consequences have to be understood to provide for the function security measures. For a risk to be understandable, according to the Software Engineering Institute (SEI, 2006) of Carnegie Mellon University, it must(prenominal) be expressed clearly. This also implies that possible losses must be identified. Risks have to be assessed never-endingly and used for decision-making. In the field of computer technology and the information systems, technology enhancement is an ongoing process, whic h further necessitates continuous risk assessment. Besides, the losses due to lack of security controls could be in the areas of production, revenue, damaged reputation, and financial performance. Benefits of proper security measures could result in enhanced working(a) efficiency and competitive advantages (Kim, 2006). An organization must invest in IS security and know where to cut corners. They should be able to spell the difference between security success and disaster (Gupta and Hammond, 2006).According to SEI, seven principles provide the framework to establish effective risk worry. These include having a global perspective, the system should be at par with the larger systems, forward-looking view that is identifying and anticipating uncertainties, open communication information and communication at all levels should be free flowing, integrated risk management should be a vital and an integrated part of management, continuous regular upgradation and constant vigil, shared product vision having common purpose, shared