Information System Security - Essay Example

31): Computer systems thus have to be constantly available, secure and accurate. To ensure this, adequate and effective risk management practices must be in place – that is, risk management must be effectively integrated into an organization’s existing security model, having readily available solutions for security threats and being ever vigilant for novel security threats as they develop. The purpose of this study is to identify the role of risk management as part of the security model of modern information systems.

To address this objective, the researcher primarily undertook a comprehensive review of related literature. The gained knowledge is then applied to a case study to illustrate the potential value of the area under investigation. For ensuring system security, an organisation ought to implement an efficient security model and carry out certain analyses and implementation steps. This Question will research how Risk management is defined in the literature and of which components it consists of. In addressing risk management, the role of risk analysis is investigated as an important tool in analysing the shortcomings of an organisation’s security system.

It will then identify the different methods available to organisations to implement a sound risk management paradigm. For the identification of the risks faced by modern information systems, the researcher identified and presented the most common risks and threats a modern information system faces today and how they have developed over time. The study investigated several external and internal risks and the technologies used by people who pose threats. The researcher proceeds with a detailed analysis of the available technologies for risk reduction in information systems.

Dutta & McCrohan (2002) assert that commercial operations have always been wrought with security problems, and over the years, several ways of responding to these issues have evolved. The increasing popularity