Advanced

Managing risks on critical IT systems in public service organizations

Li Helgesson, Yeni LU (2009) The 2009 IEEE International Conference on Privacy, Security, risk and Trust(PASSAT-09)/ Workshop on Software Security Process (SSP09) In 2009 International Conference on Computational Science and Engineering 3. p.470-475
Abstract
Public service organizations rely on IT systems to fulfill their missions. IT incidents are more and more frequent and the impacts of IT incidents on the organizations are getting more severe. There is a strong need to manage risks on service related IT systems in public service organizations. Risk management process practiced in software development companies cannot be used in public service organizations directly, due to differences in business processes. This paper presents a risk management model for these kinds of organizations. The methods of using the model to manage risks are illustrated in an example where a number of identified risks are analyzed and risk reduction activities are identified. How to make risk management a... (More)
Public service organizations rely on IT systems to fulfill their missions. IT incidents are more and more frequent and the impacts of IT incidents on the organizations are getting more severe. There is a strong need to manage risks on service related IT systems in public service organizations. Risk management process practiced in software development companies cannot be used in public service organizations directly, due to differences in business processes. This paper presents a risk management model for these kinds of organizations. The methods of using the model to manage risks are illustrated in an example where a number of identified risks are analyzed and risk reduction activities are identified. How to make risk management a continuous and regular event is also suggested. This model can be practiced by public service organizations directly and enrich their own risk list continuously. (Less)
Please use this url to cite or link to this publication:
author
organization
publishing date
type
Chapter in Book/Report/Conference proceeding
publication status
published
subject
keywords
Public service organizations, Risk management, Critical IT systems
in
2009 International Conference on Computational Science and Engineering
volume
3
pages
470 - 475
publisher
IEEE--Institute of Electrical and Electronics Engineers Inc.
conference name
The 2009 IEEE International Conference on Privacy, Security, risk and Trust(PASSAT-09)/ Workshop on Software Security Process (SSP09)
external identifiers
  • Scopus:70849112709
ISBN
978-0-7695-3823-5
DOI
10.1109/CSE.2009.31
project
FRIVA
language
English
LU publication?
yes
id
6af6eb20-1c78-48f7-9dc0-4f479ee11656 (old id 1485558)
date added to LUP
2009-10-05 07:21:22
date last changed
2017-01-01 07:56:07
@inproceedings{6af6eb20-1c78-48f7-9dc0-4f479ee11656,
  abstract     = {Public service organizations rely on IT systems to fulfill their missions. IT incidents are more and more frequent and the impacts of IT incidents on the organizations are getting more severe. There is a strong need to manage risks on service related IT systems in public service organizations. Risk management process practiced in software development companies cannot be used in public service organizations directly, due to differences in business processes. This paper presents a risk management model for these kinds of organizations. The methods of using the model to manage risks are illustrated in an example where a number of identified risks are analyzed and risk reduction activities are identified. How to make risk management a continuous and regular event is also suggested. This model can be practiced by public service organizations directly and enrich their own risk list continuously.},
  author       = {Li Helgesson, Yeni},
  booktitle    = {2009 International Conference on Computational Science and Engineering},
  isbn         = {978-0-7695-3823-5},
  keyword      = {Public service organizations,Risk management,Critical IT systems},
  language     = {eng},
  pages        = {470--475},
  publisher    = {IEEE--Institute of Electrical and Electronics Engineers Inc.},
  title        = {Managing risks on critical IT systems in public service organizations},
  url          = {http://dx.doi.org/10.1109/CSE.2009.31},
  volume       = {3},
  year         = {2009},
}