The IS risk analysis based on a business model
- Authors
- Suh B.; Han I.
- Issue Date
- Dec-2003
- Publisher
- Elsevier BV
- Citation
- Information and Management, v.41, no.2, pp 149 - 158
- Pages
- 10
- Journal Title
- Information and Management
- Volume
- 41
- Number
- 2
- Start Page
- 149
- End Page
- 158
- URI
- https://scholarworks.sookmyung.ac.kr/handle/2020.sw.sookmyung/149036
- DOI
- 10.1016/S0378-7206(03)00044-2
- ISSN
- 0378-7206
1872-7530
- Abstract
- The disruption of operations due to IS failure becomes more important as IS has become an increasingly essential component of the organization's operations and can affect its strategic objectives. Nevertheless, traditional IS risk analysis methods do not adequately reflect the loss from disruption of operations in determining the value of IS assets. Quantitative methods do not measure the loss from disruption of operations. Qualitative methods consider the loss, but their results are subjective and not suitable for cost-benefit decision support. There is a lack of systematic methods to measure the value of IS assets from the viewpoint of operational continuity. This study presents an IS risk analysis method based on a business model. The method uses a systematic quantitative approach dealing with operational continuity: the importance of various business functions and the necessity level of various assets are first determined. The value of each asset is then determined based on these two levels. The proposed method adds the first stage, organizational investigation, to traditional risk analysis. The process of the method utilizes various methodologies such as paired comparison, asset-function assignment tables, and asset dependency diagrams. ? 2003 Elsevier Science B.V. All rights reserved.
- Files in This Item
-
- Appears in
Collections - 경상대학 > 경영학부 > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.