Information Systems Risk Management: Key Concepts and Business Processes

Information systems risk management is as a problem area extremely wide, complex and of an interdisciplinary nature, which highlights the importance of having an adequate understanding of the many concepts that are included in the area. Dealing with definitions of those concepts is a somewhat 'boring' task, however probably it can be considered to be an important one. In the second part of this article my attempt is to move to perhaps more 'exciting' things, namely to highlight the significant importance that business processes and internal controls have in IS risk management.

[1]  W. Caelli,et al.  Information Security Handbook , 1991 .

[2]  M. Kendall,et al.  The Logic of Scientific Discovery. , 1959 .

[3]  Peter Checkland,et al.  Systems Thinking, Systems Practice , 1981 .

[4]  T. Finne A DSS for information security analysis: computer support in a company's risk management , 1996, 1996 IEEE International Conference on Systems, Man and Cybernetics. Information Intelligence and Systems (Cat. No.96CH35929).

[5]  Kalle Lyytinen,et al.  Information Systems Development and Data Modeling: Philosophical Foundations , 1995 .

[6]  Donn B. Parker,et al.  Information Security in a Nutshell , 1997, Inf. Secur. J. A Glob. Perspect..

[7]  Jay F. Nunamaker,et al.  Systems Development in Information Systems Research , 1990, J. Manag. Inf. Syst..

[8]  Thomas Finne The information security chain in a company , 1996, Comput. Secur..

[9]  Salvatore T. March,et al.  Design and natural science research on information technology , 1995, Decis. Support Syst..

[10]  Andrew B. Whinston,et al.  Foundations of Decision Support Systems , 1981 .

[11]  Richard L. Nolan,et al.  Managing the computer resource , 1973, Commun. ACM.

[12]  W. Caelli,et al.  Information Security for Managers , 1989, Palgrave Macmillan UK.

[13]  Steve Watt Computer security manager , 1989 .

[14]  Greg Laugero,et al.  Managing Knowledge , 1998 .

[15]  Andrew B. Whinston,et al.  Decision Support Systems: A Knowledge Based Approach : , 1996 .