期刊名称:Journal of Information and Organizational Sciences
印刷版ISSN:1846-3312
电子版ISSN:1846-9418
出版年度:2006
卷号:30
期号:1
页码:63-81
出版社:Faculty of Organization and Informatics University of Zagreb
摘要:In the process of development of the security system of the information system, the risk assessment is the foundation for selection of the security measures. The reduction of the level of risk and the amount of costs depend upon the adequate selection of the security measures. The quality of the risk assessment depends upon the adequate assessment of the form and the intensity of the threats. If the forms of threats are not monitored in the business system, it should make its own threat assessment, or use experience of others. The best, but also the most time-consuming solution is to develop own security system, while the fastest way is to use experience of others. However, there is the problem of migration of some other solution to our own system. Depending upon the question whether we are adopting the experiences of domestic or foreign business systems, the question of the applicability to the system from the different business environment becomes relevant. This happens because of the significant differences in the form and intensity of threats in certain local environments or different branches of industry.
