PSI - Issue 22

Jerzy STANIK et al. / Procedia Structural Integrity 22 (2019) 334–344 "Author name" / Structural Integrity Procedia 00 (2019) 000 – 000

344

11

2) high efficiency from the point of view of control of IT utility properties, understood as timely and resolute response to all emergency situations and making decisions that control safety properties in the required time, 3) high reliability and security of processes, resources and tasks through:  well-ground decision making,  timely transmission, to the IT environment, of the results of activities resulting from its mission,  the use of effective methods to maintain an acceptable level of risk in relation to the basic IT elements. This paper shows that it is possible to create a “fairly good” and consistent method of maintaining an acceptable level of risk, reliability and functional security, taking into account IT parameters and performance indicators. The following conclusions arise from the considerations set out in this article: 1. In order to eliminate the impact of failure - maintaining the required level of functional reliability, IT resource security and an acceptable level of risk, it is justified to distinguish two phases: - determining a set of acceptable functional configurations in a given emergency situation - determining a set of acceptable security configurations in a given emergency situation, - carrying out the reconfiguration process in a given emergency situation. 2. The proposed method of controlling the current utility properties of the functional configuration or security configuration should be an integral part of the risk management system in IT class systems. 3. The suggested risk assessment concept can also be used at the IT design stage as a “privacy by design” principle recommended in the GDPR/RODO guidelines. 4. The approach to the topic of risk, reliability of IT security, focused on the reconfiguration process, results, i.a. from observations and several years of experience of authors, accumulated: - during observation of establishing and implementing IT in various fields of operation, - while conducting research and implementation projects - during scientific and research works and seminar discussions on risk in corporate security. 5. Using the results of this paper, further research will be deliberately developed in the following directions: - improving the design of functional configuration models as well as security configuration, considering the guidelines of standards in relation to reliability and security, functional safety and risk, - increasing the precision of proposed models by including more detailed parameters and variables describing functional or security configurations and IT operational indicators. The article does not constitute a ready “recipe” for obtaining an acceptable level of IT risk or providing functional IT security. It should be considered a mere proposition of the authors of a partial solution to the problem of IT deployment or operation that allows to control the current level of risk, reliability or IT security. Due to editorial limitations, majority of the difficult analytical problems have only been signaled by means of general functions and calculation formulas. Their practical implementation requires further theoretical research and statistical verification. References Ficoń K. 2011, Elementy potencjałowej teorii bezpieczeństwa wielkich systemów prakseologicznych Zeszyty Naukowe Akademii Mary narki Wojennej nr 3 (186) 2011, Warszawa Kozłowski W., 2012, Zarządzanie gminnymi inwestycjami infrastrukturalnymi, Dif in, Warszawa 2012. Kudłowicz T., Hołduj A., 2015, Infrastruktura w rozwoju regionalnym. Wybrane problemy, CeDeWu, Warszawa 2015. Lidwa W., Krzeszowski W., Więcek W., Kamiński P., 2012, Ochrona infrastruktury krytycznej, Akademia Obrony Narodowej, Warszaw a 2012. Napiórkowski J., Hoffmann R, Stanik J., 2016, Zarządzanie ryzykiem w systemie zarządzania bezpieczeństwem organizacji. Zeszyt y Naukowe Uniwersytetu Szczecińskiego, Ekonomiczne Problemy Usług, (2016). Radziejewski R., 2013, Infrastruktura a bezpiecz eństwo, Zeszyty Naukowe AON nr 3(92) 2013 Sienkiewicz P, 2013, Teoria efektywności systemów, Ossolineum, Wrocław 2013 Stanik J., Kiedrowicz M., Waszkowski R., 2018, "Security and Risk as a Primary Feature of the Production Process", -, ISPEM 2018 (The Second International Conference on Intelligent Systems in Production Engineering and Maintenance), -, 2018 Stanik J., Utrzymywanie wymaganego poziomu bieżącej niezawodności funkcjonalnej komputerowego systemu zautomatyzowanego dowod zenia, praca doktorska, Warszawa 1987 r. Zaleski J. (2005), Usługi Publiczne, w: Misiąg W. (red.), Wzorowy urząd czyli jak usprawnić administrację samorządową, jak mierzyć jej zadania i wyniki, Instytut Badań Nad Gospodarką Rynkową, Warszawa .