Analysis and Ranking of IT Risk Factors Using Fuzzy TOPSIS-Based Approach

Abstract

In today’s age of information and communication technology (ICT), many companies are using advanced digital technologies as well as the application of information technology to grow the company and effectively manage their processes. The risk management of information technology plays a crucial role in protecting the important information and data assets of an enterprise. The key objective of risk management in information technology is to safeguard the digital infrastructure from ICT-related harm. An efficient as well as cost effective risk managing mechanism is an integral aspect of an extensive safety system for information technology. A successful approach to IT risk management would strive to protect the company and its infrastructure, not just its digital assets, to conduct their process. Subsequently, the risk managing mechanism must not be viewed solely for instance as a procedural task performed by the IT specialists who run and administer the IT program but as the organization’s critical management task. The risks of information technology assets are of a dynamic nature; different strategies tackle the management of information security risk. This research paper is intended to review and discuss information technology risk managing procedures. We also carried out a multi-criteria decision-making (MCDM)-based empirical investigation to analyses and prioritized different IT risk factors. This has recognized that there are many reports on the techniques, and that various approaches to risk management exist.