Risk Management in Information Technology

This study has examined risk management planning in the field of Information Technology in industrial companies. Today, information is considered a valuable factor along with other factors of production. The rapid growth of the Internet and organizational databases in recent decades has intensified the process of moderating business behavior and its relationship to markets. This situation and its possible developments pose several challenges to our ability to design and deliver information systems. Most managers of organizations have become aware of the importance of using this technology in increasing the efficiency and effectiveness of organizations and greater customer satisfaction. In addition to failing to meet the projected benefits, it is likely that the failure of this IT will not be limited to the financial and economic disadvantages of managing the subtleties of project execution and may continue to IT as long as an organization fails. Regarding the process of risk management or information security risks, there are methods and methodologies which define steps to evaluation process and risk treatment according to the considered approach. But in most of these methods, some basic principles and concepts are considered the same.