Abstract
The use of technology in all areas of knowledge has become something fundamental, and the high data traffic has made it imperative to act in adherence to appropriate information security standards. Considering all existing risks, efficient risk analysis and management is of great importance to ensure that the three pillars of information security - confidentiality, integrity, and availability - are implemented and remain present in any organization that understands its data and information as some of its most valuable assets. In this process, thorough analyses must be routine, aiming to check for possible vulnerabilities (both physical and logical) which may lead to tangible and intangible losses for the interested organization. Information security failures directly impact an organization in economic, strategic, operational, market aspects, etc., and therefore, preventive measures, systematized security controls, checks, and continuous improvements are indispensable milestones. This work presents a methodology for the analysis and management of risks concerning data and information of an organization, offering detailed documentation in the form of an action plan, focusing especially on risk analysis and management, in order to mitigate problems related to data and information security, a valuable asset for the generation of knowledge inherent to the business in question.
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call