Assessment of information security risks for construction enterprises
Journal: Вестник МГСУ / Vestnik MGSU (Vol.17, No. 11)Publication Date: 2022-11-30
Authors : Shchepkina Natalia N.;
Page : 1574-1585
Keywords : information security; risk; risk assessment; method; factors; probability; damage;
Abstract
Introduction. The instability of the global economy, caused by the macroeconomic and geopolitical uncertainty, put forward new information security (IS) requirements applicable to enterprises operating in various industries. The result is a different vision of the problem of IS risk assessment. Systems of IS risk assessment used in international practice were analyzed; their weaknesses were identified in this article. These weaknesses were used by the author as the basis for choosing an approach to IS risk assessment. The approach chosen to assess the IS risk in accordance with the international FAIR standard was based on the factor analysis of the IS risk. Materials and methods. The author used the research techniques that belong to the group of analytical methods (analysis, classification, and comparative analysis). They allow developing an integrated solution in terms of the choice of an approach to the IS risk assessment for a construction enterprise in accordance with the FAIR international standard. The Russian IS risk assessment regulatory and legal framework, international IS risk assessment standards, as well as information taken from open-access Russian and foreign sources were used. Results. A consistent solution contributed to the choice of an approach to the IS risk assessment in accordance with the international FAIR standard and the formation of a set of factors needed for a factor analysis of IS risks typical for a construction enterprise. The proposed system of factors takes into account the practical experience, accumulated by IS enterprises operating in various industries and relevant theoretical developments presented in research papers. Conclusions. In the course of analyzing the problem in question, the author succeeded at choosing an approach to IS risk assessment at construction enterprises. This approach encompasses a qualitative and quantitative assessment of factors triggering IS risks in accordance with the international FAIR standard.
Other Latest Articles
- The problem of definitions and classification of theoretical models of construction planning, design preparation and building technology
- Using network modelling methods to improve the foam glass production technology
- Classification of information models in BIM using artificial intelligence algorithms
- Optimization of engineering solutions used to develop the underground spaces of existing buildings
- Practical tools of an integrated construction cost management system
Last modified: 2023-02-28 22:47:14