Abstract
Many of society's systems are dependent on information technology (IT), which means that securing the safety of IT systems is of the utmost importance. Furthermore, numerous stakeholders (managers, customers, employees, etc.) exist in the risk measures decision-making process for these IT systems, which makes it necessary to have a means of communicating risk measures so that stakeholders can easily form a consensus when necessary. For this purpose, we have developed a Multiple Risk Communicator (MRC) to assist in consensus formation within organizations and a Social-MRC system to support social consensus formation, which we have applied to various problems. This paper describes the considerations that IT system risk communication should take, describes the development of the necessary support systems, and provides information on the results of their application.
