Loading...
Please wait, while we are loading the content...
Similar Documents
Metodologias de gerenciamento de riscos em sistemas de tecnologia da informação e comunicação : abordagem prática para conscientização e implantação nas organizações
| Content Provider | Semantic Scholar |
|---|---|
| Author | Júnior, Admilson Gonçalves |
| Copyright Year | 2008 |
| Abstract | This article has the purpose to evidence of practical and applicable way a risks management methodologies and how its processes are useful to an organization to assess, to mitigate and to evaluate the risks that can affect your businesses. This document intent organize best practices of risks management, including norms, patterns examples of controls, vulnerabilities, threats and references that can be used in the implementation of management of risk process. The organizations have been concerned about important role of the information technology and communication (ITC) to accomplish the business-oriented objectives. Moreover, the privacy protection laws, financial obligations and the Corporative Governance have demanded that the organizations manage its ITC infrastructures with the caution and the effectiveness never before seen, in order to not place at risk itself, partners, collaborators, customers, suppliers and society, through not accomplishment of legal and contractual responsibilities. Manage infrastructures security and the associated commercial values have become the main challenge of the ITC departments. However, the high levels of integration and the sharing of aggressive environments of current ITC infrastructures require fast and necessary incidents response that can import risk of damages to the companies. Most of the time, the organizations are not sufficiently prepared to react with effectiveness against the threats, in other words, in the skillful time to prevent that its businesses are injured. Characterized for the preservation of information confidentiality, integrity and availability, the information security protects the organization assets aiming at to the continuity, reducing damages and increasing the business investments and opportunities. The main source that an organization has to identify security requirements is derived from the risks assessment, which is part of general and continuous risks management process, whose purpose is to reduce risks the acceptable levels for the organization. |
| File Format | PDF HTM / HTML |
| Alternate Webpage(s) | https://lume.ufrgs.br/bitstream/handle/10183/15965/000695222.pdf;jsessionid=763FCA35AE6D559990CE7CF6DF9F1029?sequence=1 |
| Language | English |
| Access Restriction | Open |
| Content Type | Text |
| Resource Type | Article |
