Skip to main content
SpringerLink
Log in

Development of the Technique for the Identification, Assessment and Neutralization of Risks in Information Systems

  • Conference paper
  • First Online:
Advances in Information and Communication (FICC 2020)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 1129))

Included in the following conference series:

Abstract

The article is devoted to the development of methods for identifying, assessing and neutralizing risks in order to ensure the reliability and security of information systems. The regulatory requirements for risk analysis in information systems have been developed. The methodology for analyzing information security risks in the banking sector has been developed and analyzed. Effective risk reduction strategies were used. Studied methods allow the user to receive a quantitative risk assessment of the system. This makes it possible to eliminate the need to use expensive resources to identify risks. Research was conducted on building an Information Security Risk Management System, measures and procedures for identifying, measuring, monitoring, controlling and minimizing information security risks. The purpose of the Information Security Risk Management System is to prevent and reduce the threat of negative consequences associated with the operation of information systems, as well as external factors affecting information systems. It is aimed at minimizing the risks in bank’s activities related to the violation of the integrity, confidentiality and availability of information systems.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 229.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 299.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Boranbayev, A., Boranbayev, S., Nurusheva, A., Yersakhanov, K.: The modern state and the further development prospects of information security in the republic of Kazakhstan. In: 15th International Conference of Information Technology, Information Technology – New Generations, pp. 33–38 (2018)

    Google Scholar 

  2. Boehm, B.W.: Software risk management: principles and practices. Softw. IEEE 8, 32–41 (1991)

    Article  Google Scholar 

  3. Charette, R.N.: Software engineering risk analysis and management. Intertext Publications (1989)

    Google Scholar 

  4. Higuera, R.P., Haimes, Y.Y.: Software Risk Management. DTIC Document (1996)

    Google Scholar 

  5. Boranbayev, A., Boranbayev, S., Yersakhanov, K., Nurusheva, A., Taberkhan, R.: Methods of ensuring the reliability and fault tolerance of information systems. In: 15th International Conference of Information Technology, Information Technology – New Generations, pp. 729–730 (2018)

    Google Scholar 

  6. Lough, K.G., Stone, R., Turner, I.: The risk in early design method. J. Eng. Des. 20(2), 155–173 (2009)

    Article  Google Scholar 

  7. Lough, K.G., Stone, R.B., Tumer, I.Y.: Implementation procedures for the risk in early design (red) method. J. Ind. Syst. Eng. 2(2), 126–143 (2008)

    Google Scholar 

  8. Krus, D., Grantham, K.: Generated risk event effect neutralization: identifying and evaluating risk mitigation strategies during conceptual design. In: INCOSE, Rome, pp. 1225–1237 (2012)

    Google Scholar 

  9. AlKazimi, M.A., Altabbakh, H., Murray, S., Grantham, K.: Evaluating generated risk event effect neutralization as a new mitigation strategy tool in the upstream industry. Proc. Manuf. 3, 1374–1378 (2015)

    Google Scholar 

  10. Grantham Lough, K., Stone, R., Tumer, I.: Prescribing and implementing the risk in early design (RED) method. In: Proceedings of DETC 2006, Philadelphia, USA, - Philadelphia, pp. 431–439 (2006). https://doi.org/10.1115/detc2006-99374

  11. Krus, D., Grantham, K.: Failure prevention through the cataloging of successful risk mitigation. Strategies 13, 712–721 (2013). https://doi.org/10.1007/s11668-013-9728-8

    Article  Google Scholar 

  12. Krus, D.A.: The risk mitigation strategy taxonomy and generated risk event effect neutralization method. Ph.D. thesis. Missouri, p. 176 (2012)

    Google Scholar 

  13. Lough, K.G., Stone, R.B., Tumer, I.Y.: The risk in early design (RED) method: likelihood and consequence formulations. In: Proceedings of DETC’06: ASME 2005 International Design Engineering Technical Conferences and Computers and Information in Engineering Conference, pp. 1–11 (2007). https://doi.org/10.1115/detc2006-99375

  14. Vucovich, J.P., et al.: Risk assessment in early software design based on the software function-failure design method. In: Proceedings of the 31st Annual International Computer Software and Applications Conference, Institute of Electrical and Electronics Engineers (IEEE) (2007)

    Google Scholar 

  15. Grantham, K., Elrod, C., Flaschbart, B., Kehr, W.: Identifying risk at the conceptual product design phase: a web-based software solution and its evaluation. Mod. Mech. Eng. 2, 25–34 (2012)

    Article  Google Scholar 

  16. Yousefi, H.: Risk assessment and risk analysis in information security. In: 7th Conference on Quality & Productivity in Electronic Industry (2008)

    Google Scholar 

  17. Boranbayev, A.S.: Defining methodologies for developing J2EE web-based information systems. J. Nonlinear Anal.: Theory Methods Appl. 71(12), 1633–1637 (2009)

    Article  Google Scholar 

  18. Boranbayev, A., Mazhitov, M., Kakhanov, Z.: Implementation of security systems for prevention of loss of information at organizations of higher education. In: Proceedings of the 12th International Conference on Information Technology: New Generations (ITNG 2015), Las Vegas, Nevada, USA, pp. 802–804, 13–15 April 2015

    Google Scholar 

  19. Boranbayev, A., Boranbayev, S., Altayev, S., Seitkulov, Y.: Application of diversity method for reliability of cloud computing. In: Proceedings of the 2014 IEEE 8th International Conference on Application of Information and Communication Technologies-AICT2014, Astana, Kazakhstan, p. 244–248, 15–17 October 2014

    Google Scholar 

  20. Turskis, Z., Goranin, N., Nurusheva, A., Boranbayev, S.: A fuzzy WASPAS-based approach to determine critical information infrastructures of EU sustainable development. Sustain. (Switz.) 11(2), 424 (2019)

    Article  Google Scholar 

  21. Turskis, Z., Goranin, N., Nurusheva, A., Boranbayev, S.: Information security risk assessment in critical infrastructure: a hybrid MCDM approach. Inform. (Neth.) 30(1), 187–211 (2019)

    Article  Google Scholar 

  22. Boranbayev, S., Goranin, N., Nurusheva, A.: The methods and technologies of reliability and security of information systems and information and communication infrastructures. J. Theor. Appl. Inf. Technol. 96(18), 6172–6188 (2018)

    Google Scholar 

  23. Boranbayev, A., Boranbayev, S., Nurusheva, A.: Analyzing methods of recognition, classification and development of a software system. Adv. Intell. Syst. Comput. 869, 690–702 (2018)

    Google Scholar 

  24. Boranbayev, A., Boranbayev, S., Nurusheva, A.: Development of a software system to ensure the reliability and fault tolerance in information systems based on expert estimates. Adv. Intell. Syst. Comput. 869, 924–935 (2018)

    Google Scholar 

  25. Boranbayev, A., Shuitenov, G., Boranbayev, S.: The method of data analysis from social networks using apache Hadoop. Adv. Intell. Syst. Comput. 558, 281–288 (2018)

    Google Scholar 

  26. Boranbayev, A., Boranbayev, S., Nurusheva, A., Yersakhanov, K.: Development of a software system to ensure the reliability and fault tolerance in information systems. J. Eng. Appl. Sci. 13(23), 10080–10085 (2018)

    Google Scholar 

  27. Boranbayev, S., Nurkas, A., Tulebayev, Y., Tashtai, B.: Method of processing big data. Adv. Intell. Syst. Comput. 738, 757–758 (2018)

    Google Scholar 

  28. Akhmetova, Z., Boranbayev, S., Zhuzbayev, S.: The visual representation of numerical solution for a non-stationary deformation in a solid body. Adv. Intell. Syst. and Comput. 448, 473–482 (2016)

    Google Scholar 

  29. Boranbayev, S.N., Nurbekov, A.B.: Development of the methods and technologies for the information system designing and implementation. J. Theor. Appl. Inf. Technol. 82(2), 212–220 (2015)

    Google Scholar 

  30. Hritonenko, N., Yatsenko, Y., Boranbayev, S.: Environmentally sustainable industrial modernization and resource consumption: is the Hotelling’s rule too steep? Appl. Math. Model. 39(15), 4365–4377 (2015)

    Article  MathSciNet  Google Scholar 

  31. Akhmetova, Z., Zhuzbayev, S., Boranbayev, S., Sarsenov, B.: Development of the system with component for the numerical calculation and visualization of non-stationary waves propagation in solids. Front. Artif. Intell. Appl. 293, 353–359 (2016)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Nazarbayev University, Astana, Kazakhstan

    Askar Boranbayev

  2. L.N. Gumilyov Eurasian National University, Astana, Kazakhstan

    Seilkhan Boranbayev & Askar Nurbekov

Authors
  1. Askar Boranbayev
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Seilkhan Boranbayev
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Askar Nurbekov
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Askar Boranbayev .

Editor information

Editors and Affiliations

  1. Faculty of Science and Engineering, Saga University, Saga, Japan

    Kohei Arai

  2. The Science and Information (SAI) Organization, Bradford, West Yorkshire, UK

    Supriya Kapoor

  3. The Science and Information (SAI) Organization, Bradford, West Yorkshire, UK

    Rahul Bhatia

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Boranbayev, A., Boranbayev, S., Nurbekov, A. (2020). Development of the Technique for the Identification, Assessment and Neutralization of Risks in Information Systems. In: Arai, K., Kapoor, S., Bhatia, R. (eds) Advances in Information and Communication. FICC 2020. Advances in Intelligent Systems and Computing, vol 1129. Springer, Cham. https://doi.org/10.1007/978-3-030-39445-5_53

Download citation

Publish with us

Policies and ethics

Search

Navigation