Please use this identifier to cite or link to this item:
http://cris.utm.md/handle/5014/401
Title: | Analysis and treatment of risks in information systems | Authors: | LISNIC, Inga SCROB, Sergiu COJUHARI, Irina |
Keywords: | risk;information systems;impact;probability;vulnerability | Issue Date: | 2019 | Source: | LISNIC, Inga; SCROB, Sergiu; COJUHARI, Irina. Analysis and treatment of risks in information systems. In: Electronics, Communications and Computing. Editia a 10-a, 23-26 octombrie 2019, Chişinău. Chișinău, Republica Moldova: Universitatea Tehnică a Moldovei, 2019, p. 48. ISBN 978-9975-108-84-3. | Conference: | Electronics, Communications and Computing | Abstract: | The risk is the mathematical estimation of the probability of human loss, material damage, environmental damage, social and psychological damage, over a reference period, respectively future and in a given area, for a certain type of risk event. Risk is defined as a product between the probability of the disaster occurring and its impact [1]. Risks exist in all information systems, but they do not necessarily occur. Most experts are of the opinion: the sooner the potential danger will be determined, the more time it will remain for the team of designers to neutralize it or minimize the losses. Thus, the identification of risks must be carried out at the beginning of the works on the information systems. The risks that affect a system and that must be considered at the estimation stage can be differentiated as inherent risks, control risks and undetected risks. These factors have a direct impact on the degree of risk of the audit, which can be defined as the risk that the information / financial report could contain material errors that could go undetected during the audit. Risk management must be subordinated to the objectives that form an integrated, coherent and convergent system towards the general objectives, so that the activity levels are mutually supportive [2]. In order to manage the risks in an organization, it is necessary, first of all, to know these risks and to identify them. Risk identification is the first step in building the risk profile of an organization. The risks must be identified at any level where it is noticed that there are consequences on reaching the objectives and specific measures can be taken to solve the problems, raised by the respective risks. |
URI: | http://cris.utm.md/handle/5014/401 | ISBN: | 978-9975-108-84-3 |
Appears in Collections: | Conference Abstracts |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
48-48_12.pdf | 198.61 kB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.