SCIENTIFIC PROGRESS
VOLUME 2
ǀ ISSUE 8
ǀ 2021
ISSN: 2181-1601
Uzbekistan
www.scientificprogress.uz
Page 293
AXBOROT XAVFSIZLIGI XAVFINI BAHOLASH
Abdumuxtor Maxammad o’g’li Umarov
Muhammad al-Xorazmiy nomidagi Toshkent axborot texnologiyalari universiteti
Farg’ona filiali
ANNOTATSIYA
Axborot xavfsizligi xavfini baholash korxonalarni
boshqarish amaliyotining
muhim qismi bo'lib, xavflarni qabul qilish mezonlari va tashkilotga tegishli maqsadlarga
nisbatan
xavflarni aniqlash, miqdor va ustuvorliklarni aniqlashga yordam beradi.
Xatarlarni boshqarish - axborot tizimiga ta'sir qilish qobiliyatiga ega bo'lgan xavfsizlik
xavflarini kamaytirish uchun axborot tizimining resurslariga salbiy ta'sir ko'rsatishi
mumkin bo'lgan hodisalarni aniqlash, boshqarish va bartaraf etish yoki kamaytirishdan
iborat jarayon, himoya vositalarining maqbul narxini hisobga olgan holda, xavf tahlili,
"xarajat samaradorligi" parametrini tahlil qilish va xavfsizlik quyi tizimini tanlash,
qurish va sinovdan o'tkazish, shuningdek, xavfsizlikning barcha jihatlarini o'rganish.
Kalit so’zlar: axborot xavflarini boshqarish; xavfsizlik xavfini baholash; xavflarni
tasniflash; OKTAVE; CRAMM; RiskWatch
INFORMATION SECURITY RISK ASSESSMENT
ABSTRACT
Information security risk assessment is an important part of enterprises’
management practices that helps to identify, quantify, and prioritize risks against criteria
for risk acceptance and objectives relevant to the organization. Risk management refers
to a process that consists of identification, management, and elimination or reduction of
the likelihood of events that can negatively affect the resources
of the information
system to reduce security risks that potentially have the ability to affect the information
system, subject to an acceptable cost of protection means that contain a risk analysis,
analysis of the “cost-effectiveness” parameter, and selection,
construction, and testing
of
the security subsystem, as well as the study of all aspects of security.
