Journal article

SVOJANOVSKÝ Petr and KRESLÍKOVÁ Jitka. Řízení rizik v bezpečnosti služeb IT. European Risk Management. 2010, vol. 7, no. 1, pp. 1-12. ISSN 1802-0496.
Publication language:czech
Original title:Řízení rizik v bezpečnosti služeb IT
Title (en):Risk Management in IT Service Security
Pages:1-12
Place:CZ
Year:2010
Journal:European Risk Management, Vol. 7, No. 1, CZ
ISSN:1802-0496
URL:http://www.risk-management.cz/ [HTML]
Keywords
risk management, information security, service level, multi-domain environment
Annotation
This article brings a novel approach for optimized risk management in IT service information security. The new method is based on widely used international standards - best practices - for IT service management (ISO/IEC 20000) and Information security management system (ISO/IEC 27000). Firstly, the IT service information security approach is developed (based on a Service level management extension). Secondly, the authors suggest a new risk management approach, in which a multi-domain environment between the parties involved as well as their satisfaction is taken into consideration. Optimization in risk management is achieved through evaluation of relevancy and maturity of risk treatment controls on both sides of the contract. Finally, the results are presented on a real case study to enable risk analysts, IT service business owners and process engineers to apply the new methods in real business.
BibTeX:
@ARTICLE{
   author = {Petr Svojanovsk{\'{y}} and Jitka Kresl{\'{i}}kov{\'{a}}},
   title = {{\v{R}}{\'{i}}zen{\'{i}} rizik v bezpe{\v{c}}nosti
	slu{\v{z}}eb IT},
   pages = {1--12},
   journal = {European Risk Management},
   volume = {7},
   number = {1},
   year = {2010},
   ISSN = {1802-0496},
   language = {czech},
   url = {http://www.fit.vutbr.cz/research/view_pub.php?id=9280}
}

Your IPv4 address: 23.20.9.71
Switch to IPv6 connection

DNSSEC [dnssec]