TITLE:
Systematizing IT Risks
AUTHORS:
Georg Disterer
KEYWORDS:
IT Risk, IT Security Risk, IT Risk Management, COBIT, ISO 27000
JOURNAL NAME:
Journal of Information Security,
Vol.10 No.4,
October
14,
2019
ABSTRACT: IT
risks—risks associated with the operation or use of information technology—have
taken on great importance in business, and IT risk management is accordingly
important in the science and practice of information management. Therefore, it
is necessary to systematize IT risks in order to plan, manage and control for
different risk-specific measures. In order to choose and implement suitable
measures for managing IT risks, effect-based and cause-based
procedures are necessary. These procedures are explained in detail for IT
security risks because of their special importance.