risk assessments process to be relatively simple to use, will it produce anything of worth? Alternatively, if we build a comprehensive and complete risk assessment model, will it be so complex as to be impractical, and therefore worthless in a different way? -> 만약 우리가 사용하기에 간단한 위험평가를 만든다면 이것은 가치를 생산해 낼 수 있나? 반대로 좀 더
Regulation of IT Risk
In order to regulate the IT risk, governments work to address threat to computer crime. For example, representatives of 29 countries - including Canada, Japan and the U.S. – signed the Council of Europe Cybercrime convention in 2001. The convention deals with substantive and procedural cybercrime law. The substantive defines the following activities as crimina
A country of High CR
▪ A country of High CR: China
▪ RISK ASSESSMENT
Good resilience in 2009 thanks to the economic stimulus programme with a rebound expected in 2010
The economy began to slow in 2008 due mainly to domestic imbalances (overcapacity in several sectors) and policies that remained restrictive too long. And these domestic factors were compounded by the cont
Recent Situation
“ internal information security attacks are outgrowing external
attacks at the world’s largest financial institutions”
(The Global Security Survey): Only 20% of the respondents in security survey strongly
believed that Information security should be a CEO-level priority
Ernst and Young(2004)
2) IT liability risk management
: The corporations should install f
1. Imagine you are Bill. How would you explain to Mary the relationship between risk and return of individual stocks?
-기대수익율과 위험(Expected Rate of Return and Risk)-
먼저, 개인주식의 수익률과 위험과의 관계를 설명하기 전에 그에 대한 개념부터 알아야 할 필요가 있다. 수익률은 보통 기대수익률을 말하는데, 기대수익률은