Towards a Hybrid Model for the Evaluation of Critical IT Systems

• Published in: Central European Conference on Information and Intelligent Systems pp. 249 - 255
• Main Authors: Maček, Davor, Magdalenie, Ivan, Redep, Nina Begičević
• Format: Conference Proceeding
• Language: English
• Published: Varazdin Faculty of Organization and Informatics Varazdin 01.01.2020
• Subjects: Decision making; Financial institutions; Information systems; Iterative methods; Multiple criterion; Security; Security management
• ISSN: 1847-2001; 1848-2295

Given that today's very complex and interconnected business processes meaningly rely on Internet communication with other business entities, organizations are increasingly exposed to numerous security threats and imminent risks. Due to the lack of all relevant information and the time and resource constraints, it is not possible to collect and process all necessary information about an information system so that it can be adequately evaluated within an acceptable timeframe, which puts the organization into a state of increased security risk. By studying the relevant literature and existing models and techniques used in practice, it was determined that there is no solution to the stated problem of multicriteria decisionmaking in conditions of uncertainty in the domain of information security. Thus, the proposal is to design a model for more efficient (in terms of costs and time) decision-making on the security state of a critical information system by selecting the appropriate IT solution. In this paper we will present the iterative steps of DSRM (Design Science Research Methodology) for development of a new hybrid multicriteria model for the purpose of evaluation, ranking and selection of critical IT systems.