MANAGING IT RISKS - CHALLENGE FOR ALL ORGANIZATIONS

Now more than ever, organizations are accountable for the way they conduct business transactions, keep financial records, and ensure the safety of critical data and IT processes. Any organization is exposed to internal and external threats that show the existence of security breaches resulting from inadequate internal controls are reminding organizations of the need to implement sound security policies and procedures to safeguard IT assets and corporate data. Securing and operating today's complex systems is challenging and demanding. Hardly a day passes without alarming news of some major cyber crime, newly uncovered security vulnerabilities or massive attacks via worms, spam, Trojans and viruses. In the same time the organizations are exposed to internal frauds, the statistics constant show that the main attacks are initiated by the employees or ex-employees. Furthermore, systems and networks today are highly inter-connected. This means that cyber attacks often trigger a long-lasting, "domino" effect across all connected systems and generate damage far more extensive than ever before. The present paper presents the authors research results regarding IT risk management underlying the impact of the inadequate IT risk management on the organizations' activity, the necessity to built a global IT risk solution and manage all the risks, no matter of their nature in a holistic approach.