Value focused approach to information systems risk management
Information Systems (IS) risk management is a challenge to every organization, in that they are exposed to cyber-attacks that bypass physical barriers. Organizations increase online business in order to remain competitive, but as a consequence their online exposure becomes greater. However their ris...
| Autor principal: | |
|---|---|
| Outros Autores: | , |
| Formato: | conferenceObject |
| Idioma: | eng |
| Publicado em: |
2022
|
| Assuntos: | |
| Texto completo: | http://hdl.handle.net/10400.5/24722 |
| País: | Portugal |
| Oai: | oai:www.repository.utl.pt:10400.5/24722 |
| Resumo: | Information Systems (IS) risk management is a challenge to every organization, in that they are exposed to cyber-attacks that bypass physical barriers. Organizations increase online business in order to remain competitive, but as a consequence their online exposure becomes greater. However their risk management practices and governance are inadequate in the face of increasing new threats and vulnerabilities. This paper presents a Multi- Objective Decision Model for assessing Information Systems Risks. The decision model is based on the values and perceptions of stakeholders. It uses the Value-Focused Thinking approach, as opposed to the predominant Alternative-Focused Thinking. The objectives serve as a basis for decision making in the context of Information Systems risk management in complex managerial situations |
|---|