Enterprise Information Technology Security: Risk Management Perspective

The risk connected with the wide application of information technologies in business grows together with the increase of enterprise's correlation from its customers, business partners and outsourced operations. Technological progress generates dependencies which evoke growth of diversities, complexity, non-descriptiveness and quantity of risk factors. In insufficient investments on information security the issue of IT risk management becomes more significant, concentrating on searching optimal proportion between threats and costs of IT systems protections. In such a dynamic development of Information Technologies the time needed for appropriate reaction on risk is decidedly shortened. The lack of appropriate preparation may lead the company to collapse, thus appropriate reaction on risk constitutes about possibilities of survival and development of enterprise. The problem of IT risk management is very complex issue. One of the most important stages of this process is risk analysis, used for optimization, and correctly for minimizations of losses connected with risk. The article presents the issue of IT security risk management, discusses the most significant stage of risk management which is IT security risk analysis. Chosen computer applications supporting these processes will be presented. Selected research connected with IT security risk management will be also discussed.