ResearchBib Share Your Research, Maximize Your Social Impacts
Sign for Notice Everyday Sign up >> Login

Assessment of information security risks for construction enterprises

Journal: Вестник МГСУ / Vestnik MGSU (Vol.17, No. 11)

Publication Date:

Authors : ;

Page : 1574-1585

Keywords : information security; risk; risk assessment; method; factors; probability; damage;

Source : Downloadexternal Find it from : Google Scholarexternal

Abstract

Introduction. The instability of the global economy, caused by the macroeconomic and geopolitical uncertainty, put forward new information security (IS) requirements applicable to enterprises operating in various industries. The result is a different vision of the problem of IS risk assessment. Systems of IS risk assessment used in international practice were analyzed; their weaknesses were identified in this article. These weaknesses were used by the author as the basis for choosing an approach to IS risk assessment. The approach chosen to assess the IS risk in accordance with the international FAIR standard was based on the factor analysis of the IS risk. Materials and methods. The author used the research techniques that belong to the group of analytical methods (analysis, classification, and comparative analysis). They allow developing an integrated solution in terms of the choice of an approach to the IS risk assessment for a construction enterprise in accordance with the FAIR international standard. The Russian IS risk assessment regulatory and legal framework, international IS risk assessment standards, as well as information taken from open-access Russian and foreign sources were used. Results. A consistent solution contributed to the choice of an approach to the IS risk assessment in accordance with the international FAIR standard and the formation of a set of factors needed for a factor analysis of IS risks typical for a construction enterprise. The proposed system of factors takes into account the practical experience, accumulated by IS enterprises operating in various industries and relevant theoretical developments presented in research papers. Conclusions. In the course of analyzing the problem in question, the author succeeded at choosing an approach to IS risk assessment at construction enterprises. This approach encompasses a qualitative and quantitative assessment of factors triggering IS risks in accordance with the international FAIR standard.

Last modified: 2023-02-28 22:47:14