information security risk
infoturvarisk; turvarisk
olemus
määramatuse toime teabe turvalisusele,
ohu potentsiaal tekitada kahju
teabe ja sellega kaasnevate varade turvalisuse rikkumisega;
mõõdetakse ohu realiseerumise sündmuse
võimalikkuse ja tagajärgedega
CNSSI 4009-2015:
the risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation due to the potential for unauthorized access, use, disclosure, disruption, modification, or destruction of information and/or information systems
ülevaateid
https://en.wikipedia.org/wiki/IT_risk
https://www.itgovernance.co.uk/iso27001/iso27001-risk-assessment
https://link.springer.com/article/10.1007/s10207-017-0382-0
http://www.infosecwriters.com/Papers/MHaythorn_Risk_Frameworks_guidelines.pdf
https://fenix.tecnico.ulisboa.pt/downloadFile/395139415147/resumo.pdf
https://downloads.hindawi.com/journals/am/2022/3383251.pdf
http://docshare01.docshare.tips/files/14399/143996738.pdf
standardid
https://www.iso.org/standard/80585.html
vt ka
- risk
- riskianalüüs