Method of Analyzing and Estimating the Risk of an Information Resource

The article presents the author’s method of analyzing and estimating the risk of information resources/IT systems, taking into account the different categories of risk factors relevant for ensuring the completeness of the process of determining or determining the risk level of an information resource that is processed both traditionally and with the use of information systems. The method described is of a qualitative nature. It is divided into the stage of risk analysis and the stage of risk assessment of information resources. The objectivization element proposed in this paper is a departure from the use of risk assessment from traditional risk maps and the use of a vector whose components reflect a wide range of factors that have a significant impact on the current level of risk of the information resource.