IT risk | EPFL Graph Search

Êtes-vous un étudiant de l'EPFL à la recherche d'un projet de semestre?

Travaillez avec nous sur des projets en science des données et en visualisation, et déployez votre projet sous forme d'application sur GraphSearch.

Découvrez-en plus sur les applications Graph.

Information technology risk, IT risk, IT-related risk, or cyber risk is any risk relating to information technology. While information has long been appreciated as a valuable and important asset, the rise of the knowledge economy and the Digital Revolution has led to organizations becoming increasingly dependent on information, information processing and especially IT. Various events or incidents that compromise IT in some way can therefore cause adverse impacts on the organization's business processes or mission, ranging from inconsequential to catastrophic in scale. Assessing the probability or likelihood of various types of event/incident with their predicted impacts or consequences, should they occur, is a common way to assess and measure IT risks. Alternative methods of measuring IT risk typically involve assessing other contributory factors such as the threats, vulnerabilities, exposures, and asset values. Definitions ISO IT risk: the potential that a given

À propos de ce résultat

Cette page est générée automatiquement et peut contenir des informations qui ne sont pas correctes, complètes, à jour ou pertinentes par rapport à votre recherche. Il en va de même pour toutes les autres pages de ce site. Veillez à vérifier les informations auprès des sources officielles de l'EPFL.

Publications associées (20)

Publications associées

Chargement

Personnes associées (3)

Personnes associées

Chargement

Unités associées (4)

Unités associées

Chargement

Concepts associés (10)

Concepts associés

Chargement

Cours associés (6)

Cours associés

Chargement

Séances de cours associées (10)

Séances de cours associées

Chargement

Introduction to the IRGC Risk Governance Framework

Marcel Thomas Bürkler, Marie-Valentine Renée Agnès Florin

The IRGC Framework recommends a holistic, multidisciplinary and multistakeholder approach to risk. It supports processes that aim to provide and structure scientific evidence about a risk in a societal context. It helps decision-makers analyse the major ambiguities and controversies that may affect the management of a risk. The Framework provides guidance to cope with risks in situations of high complexity, uncertainty or ambiguity. It can support the detection of current or potential deficits within the risk governance process, and provide guidance for their remediation. Its application enables decision-makers to act on the basis of evidence, transparent assumptions, and broad societal values and interests. The IRGC Risk Governance Framework is a generic resource meant to be tailored to the specific context and needs of each risk governing organisation. The Framework as a whole -or specific parts of it- are often used as a basis or inspiration for an organisation to develop its own risk management framework.

EPFL2017

Chargement

Using stratospheric aerosol injection to alleviate global warming: when?

Marie-Valentine Renée Agnès Florin

Stratospheric aerosol injection (SAI), a type of solar radiation modification (SRM), has the potential to reduce global warming caused by excessive greenhouse gases in the atmosphere. However, there is currently widespread opposition to it, because deploying it would entail a number of uncertainties and risks. Here, we present a decision framework to help policymakers consider using SAI. Such a framework would be necessary if concrete evidence is found that SAI can contribute to reducing warming and that its related risks are acceptable. Of particular importance is the establishment of strict criteria for when SAI may or should be started, and when it should be stopped.

EPFL International Risk Governance Center (IRGC).2021

Chargement

PrivateRide: A Privacy-Enhanced Ride-Hailing Service

Italo Ivan Dacosta Petrocelli, Taha Hajar, Jean-Pierre Hubaux, Kévin Clément Huguenin, Bastien Jacot-Guillarmod, Thi Van Anh Pham, Florian Tramèr

In the past few years, we have witnessed a rise in the popularity of ride-hailing services (RHSs), an online marketplace that enables accredited drivers to use their own cars to drive ride-hailing users. Unlike other transportation services, RHSs raise significant privacy concerns, as providers are able to track the precise mobility patterns of millions of riders worldwide. We present the first survey and analysis of the privacy threats in RHSs. Our analysis exposes high-risk privacy threats that do not occur in conventional taxi services. Therefore, we propose PrivateRide, a privacy-enhancing and practical solution that offers anonymity and location privacy for riders, and protects drivers’ information from harvesting attacks. PrivateRide lowers the high-risk privacy threats in RHSs to a level that is at least as low as that of many taxi services. Using real data-sets from Uber and taxi rides, we show that PrivateRide significantly enhances riders’ privacy, while preserving tangible accuracy in ride matching and fare calculation, with only negligible effects on convenience. Moreover, by using our Android implementation for experimental evaluations, we show that PrivateRide’s overhead during ride setup is negligible. In short, we enable privacy-conscious riders to achieve levels of privacy that are not possible in current RHSs and even in some conventional taxi services, thereby offering a potential business differentiator.

2017

Chargement

MGT-427: Project management and risk analysis

Ce cours a pour objectif de présenter l'approche générale du management de projet en intégrant la gestion du risque dans toutes les étapes du projet.

BIO-455: Introduction to law and ethics

Le but du cours est de familiariser l'étudiant-e aux notions de base du droit et de l'éthique applicables à la recherche en STV et à son transfert en applications, et de lui fournir les éléments essentiels pour identifier les enjeux juridiques et éthiques dans sa future pratique professionnelle.

COM-402: Information security and privacy

This course provides an overview of information security and privacy topics. It introduces students to the knowledge and tools they will need to deal with the security/privacy challenges they are likely to encounter in today's Big Data world. The tools are illustrated with relevant applications.

Sécurité de l'information

vignette|alt=Symbole de sécurité de l'information|Symbole de sécurité de l'information. La sécurité de l'information est un ensemble de pratiques visant à protéger des données. La sécurité de l'info

Vulnérabilité (informatique)

Dans le domaine de la sécurité informatique, une vulnérabilité ou faille est une faiblesse dans un système informatique permettant à un attaquant de porter atteinte à l'intégrité de ce système, c'es

Gestion des risques

La gestion des risques, ou l'anglicisme, management du risque (de l'risk management), est la discipline visant à identifier, évaluer et hiérarchiser les risques liés aux activités d'une organisation,