In this period of grave economic uncertainty, organizations have to manage increasingly complicated situations in an environment that is subject to massive and rapid evolution. A solely intuitive approach to risk management is no longer sufficient when considering the need to optimize investments in relation to security. It is necessary to find the often difficult balance between the cost of risks and their mitigation so as to ensure that organizations can realize their objectives in a reasonable and durable manner. The aim of this paper is to demonstrate the strong need for information system owners and managers to rely upon an effective risk analysis methodology for decision making related to efficient security measures in order to enhance business performance. We present a methodological approach. A case study and description of real-life experiences are presented in order to illustrate the applicability of this approach.
The URI to TrackBack this entry is: https://iglitashi.wordpress.com/2010/04/11/reasonable-security-by-effective-risk-management-practices-from-theory-to-practice/trackback/