  • Publication
    (2011) ;
    Andrejs Romanovs
    Yuri Merkuryev
    Arnis Kleins
    Pjotrs Dorogovs
    Ojars Krasts
    Information technology systems represent the backbone of a company's operational infrastructure. A company's top management typically ensures that computer software and hardware mechanisms are adequate, functional and in adherence with regulatory guidelines and industry practices. Nowadays, due to depressed economic and increased intensity of performed operations, business highly recognizes the influence of effective Information Technology risk management on profitability. The purpose of this paper is to develop IT risks assessment systems support functional model, based on analysis of IT risks and assessment mechanisms, IT governance and risk management frameworks, functional analysis of IT risks assessment and management software, and, finally, to develop IT risk management domain specification language with a metamodel that defines an abstract UML based language for supporting model-based risk assessment. Usage of UML based domain specific language achieves synergy from in IT industry widely used UML modelling technique and the domain specific risk management extensions.