SECURITY RISK MANAGEMENT MODEL
Abstract
Many models for managing security risks have been developed worldwide, and this thesis presents a model with eight phases. The phase “Business System Identification” should identify all objects of a business system, the activities carried out within it, and its employees, because any of these can potentially be jeopardized by a threat. It is therefore necessary to estimate why and how a potential unpredictable event could influence the business system and all of its resources, and to determine whether such an event, which could give rise to a threat, would cause damage that the business system must not allow, or whether it is irrelevant to the system. In the phase “Threat Estimate”, potential specific threats and the situations in which they may occur are predicted. No security risk estimate is made in this phase; instead, the information and instructions needed for the estimate are gathered. “Vulnerability Estimate” is the phase of the security risk management model in which the strengths and weaknesses of a business system should be recognized, in relation to the security measures that protect the system from surrounding influences. In the next phase the security risk estimate is carried out. All available, relevant (direct and indirect) security-related information is combined in order to identify the potential influence and the probability of occurrence of a potential threat to the business system, i.e. to obtain the current level of security risk. In the phase “Security Measures and Strategies”, measures and strategies are developed so that applying them reduces the probability of occurrence of a security risk and its harmful (dangerous) influence. In the phase “Decision Making”, decisions must be made on priorities, logistics support, timelines, financials, etc.
This phase is realised in three steps, as follows: (1) the procedure for reducing security risk to an acceptable level, (2) setting the priorities, and (3) approving financials and necessary resources. After this phase, the model proceeds to the preparation and implementation of the developed security measures. At the end, an estimate of everything done is made, any necessary corrections are carried out, and preparations are made for the future modernization of security measures and strategies.
Keywords
identification, security risk, security measures and strategy
FBIM Transactions