Value focused approach to information systems risk management
Information Systems (IS) risk management is a challenge to every organization, in that they are exposed to cyber-attacks that bypass physical barriers. Organizations increase online business in order to remain competitive, but as a consequence their online exposure becomes greater. However their ris...
| Main Author: | |
|---|---|
| Other Authors: | , |
| Format: | conferenceObject |
| Language: | eng |
| Published: |
2022
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10400.5/24722 |
| Country: | Portugal |
| Oai: | oai:www.repository.utl.pt:10400.5/24722 |
| Summary: | Information Systems (IS) risk management is a challenge to every organization, in that they are exposed to cyber-attacks that bypass physical barriers. Organizations increase online business in order to remain competitive, but as a consequence their online exposure becomes greater. However their risk management practices and governance are inadequate in the face of increasing new threats and vulnerabilities. This paper presents a Multi- Objective Decision Model for assessing Information Systems Risks. The decision model is based on the values and perceptions of stakeholders. It uses the Value-Focused Thinking approach, as opposed to the predominant Alternative-Focused Thinking. The objectives serve as a basis for decision making in the context of Information Systems risk management in complex managerial situations |
|---|