About Some Risks Associated with Subjective Factors, and the Methodology for their Assessment

The authors propose a methodology for assessing the risk associated with subjective factors that may affect the achievement of the final goals of business projects, including ensuring information security. Such factors may include the level of salary, the level of professionalism, and others. At the same time, we propose carrying out the risk assessment by using the fuzzy logic method, which allows us to determine the dependence of the risk on various parameters under conditions of their uncertainty. According to the authors, the proposed methodology will help avoid some incorrect management decisions in the formation of author (working) teams, which could lead to negative consequences in the further implementation of the business project. These negative consequences can be expressed in delaying the implementation period, increasing the project’s cost, or even losing business due to critical information and personnel leakage. Also, this method allows you to increase the effectiveness of personnel policy in the organisation or the company. We noted that this method is applicable not only for individual enterprises but also for corporations and associations with complex network structures.

1. InfoWatch. (2020). Restricted Information leaks: report for 9 months of 2020. Retrieved from: https://www.infowatch.ru/form—modal/report—download/30708. (Accessed 08.03.2021).

2. InfoWatch, (2020), Data leaks of organisations due to the fault of an internal violator. Comparative study. 2013–2019. Retrieved from: https://www.infowatch.ru/form—modal/report—download/24339. (Accessed 08.03.2021).

3. Kozlov A., Noga N. (2020). Some Method of Complex Structures Information Security Risk Assessment in Conditions of Uncertainty. Proceedings of the 13th International Conference “Management of Large-Scale System Development” (MLSD). Moscow: IEEE. Available at: https://ieeexplore.ieee.org/document/9247662.

4. Kozlov A., Noga N. (2019), The Information Security Risks of Enterprise Information Systems Using Cloud Technology, Risk management, 3, 31–46. (In Russian).

5. Matlab version 9.6.0 R 2019a [Electronic resource]. Available at: https://1progs.ru/matlab/. (Accessed 05.09.2019).

6. Vannovskaya O. V. (2013). Psychology of corrupt behaviour of civil servants. St. Petersburg: Ltd “Book House”; 264 p. (In Russian)