In the modern era, where new technologies and information systems are deeply integrated into our daily lives, organizations heavily rely on them to conduct their operations. However, this reliance also exposes them to potential risks. Even the slightest
malfunction, interruption, or unauthorized intrusion into these systems can lead to significant costs, either in direct financial losses or in the form of reduced operational efficiency.
Organizations and public entities encounter a major challenge in comprehending and
choosing appropriate tools that align with their requirements, as well as tailoring these
tools to suit their specific needs. Additionally, ensuring the suitable and effective application of these tools poses a significant difficulty. This complexity arises from the fastpaced technological advancements, making it challenging for organizations to make
well-informed decisions regarding tool selection. These decisions are critical as they
ultimately aim to minimize information security risks and manage them in a financially
sustainable manner.
This dissertation primarily aimed to elucidate the methodologies used to recognize and
address risks, followed by an exploration of the strategies employed to continuously
monitor their development over time.
In the initial part, the dissertation delves into an examination of literature, focusing on
the fundamental notions of risks and risk management. Furthermore, it thoroughly explores the risk management life cycle, encompassing stages such as framework definition, identification, analysis, assessment, response, control, monitoring, as well as
communication and consultation. Lastly, the document touches upon essential aspects
of information systems, while also analyzing various methodologies employed to enhance their security.
The second segment focuses on a case study involving a public entity and its assets.
Specifically, it describes the assets employed by the entity, detailing its services and
general functionalities. Leveraging data and insights obtained from the literature review,
the study analyzes how these asset aids in effectively managing data within the organization. The ultimate objective is to proactively prevent unfavorable events and promote
desirable outcomes.
-iiiSubsequently, the threats and vulnerabilities are associated with the assets and further
analyzed and evaluated. In conclusion, comprehensive risk sheets and specific reports
are generated with the aid of MONARC to provide a comprehensive understanding of
the risk landscape concerning the public entity and its valuable assets.
In the final section, the research draws significant conclusions highlighting the criticality of the risk management process within public entities. It underscores that the absence
of an effective risk management approach can give rise to a wide range of issues, varying from minor to severe, and in extreme cases, even leading to loss of life. This emphasizes the paramount importance of implementing robust risk management strategies to
safeguard against potential hazards and ensure the well-being and success of the public
entity.
Collections
Show Collections