IT Risk Assessment: Quantitative and Qualitative Approach

被引:0
|
作者
Rot, Artur [1 ]
机构
[1] Wroclaw Univ Econ, Business Informat Inst, Dept Management Informat Syst Engn, Wroclaw, Poland
来源
WCECS 2008: WORLD CONGRESS ON ENGINEERING AND COMPUTER SCIENCE | 2008年
关键词
IT risk; IT security risk analysis methods; qualitative risk assessment methods; quantitative risk assessment methods;
D O I
暂无
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
IT risk management currently plays more and more important role in almost all aspects of contemporary organizations' functionality. It requires reliable and cyclical realization of its key task which is risk analysis. Literature of subject presents problems of risk analysis in different way, the most often skipped or selectively treated the problem of quantitative methods application for the purpose of risk analysis. The article presents the issue of one of the most significant stages of risk analysis which is IT risk assessment, especially focusing on chosen quantitative methods such as ALE (Annual Loss Eypected) method, Courtney method, Fisher's method, using survey research ISRAM model (Information Security Risk Analysis Method) and other derived ratios. There were also shortly presented chosen qualitative methods - FMEA (Failure Mode and Effects Analysis) and FMECA (Failure Mode and Effects Criticality Analysis), NIST SP 800-30 method and CRAMM methodology.
引用
收藏
页码:1073 / 1078
页数:6
相关论文
共 50 条
  • [31] Systematic Quantitative and Qualitative Reference Transaction Assessment: An Approach for Service Improvements
    Buckley, Ellie
    Tancheva, Kornelia
    Li, Xin
    [J]. PROCEEDINGS OF THE 2008 LIBRARY ASSESSMENT CONFERENCE: BUILDING EFFECTIVE, SUSTAINABLE, PRACTICAL ASSESSMENT, 2009, : 375 - 385
  • [32] STUDENT ASSESSMENT OF SOCRATIVE USE IN CLASSROOM: A QUALITATIVE-QUANTITATIVE APPROACH
    Seric, Maja
    [J]. 13TH INTERNATIONAL TECHNOLOGY, EDUCATION AND DEVELOPMENT CONFERENCE (INTED2019), 2019, : 9193 - 9201
  • [33] Flood Risk and Social Justice: From Quantitative to Qualitative Flood Risk Assessment and Mitigation
    Luscombe, David
    [J]. ENVIRONMENTAL VALUES, 2013, 22 (05) : 672 - 674
  • [34] Quantitative risk assessment - An alternative approach to laser safety?
    Gardner, B
    Smith, PA
    [J]. IRPA9 - 1996 INTERNATIONAL CONGRESS ON RADIATION PROTECTION / NINTH INTERNATIONAL CONGRESS OF THE INTERNATIONAL RADIATION PROTECTION ASSOCIATION, PROCEEDINGS, VOL 3, 1996, : C669 - C671
  • [35] Risk assessment in genetics: A semi-quantitative approach
    Glasspool, DW
    Fox, J
    Coulson, AS
    Emery, J
    [J]. MEDINFO 2001: PROCEEDINGS OF THE 10TH WORLD CONGRESS ON MEDICAL INFORMATICS, PTS 1 AND 2, 2001, 84 : 459 - 463
  • [36] A new quantitative approach for information security risk assessment
    Asosheh, Abbas
    Dehmoubed, Bijan
    Khani, Amir
    [J]. ISI: 2009 IEEE INTERNATIONAL CONFERENCE ON INTELLIGENCE AND SECURITY INFORMATICS, 2009, : 229 - 229
  • [37] COMPETING RISKS IN A QUANTITATIVE RISK ASSESSMENT - ONE APPROACH
    MARGOSCHES, EH
    BAYARD, S
    [J]. BIOMETRICS, 1985, 41 (02) : 579 - 579
  • [38] Cyber Security Risk Modelling and Assessment: A Quantitative Approach
    Sokri, Abderrahmane
    [J]. PROCEEDINGS OF THE 18TH EUROPEAN CONFERENCE ON CYBER WARFARE AND SECURITY (ECCWS 2019), 2019, : 466 - 474
  • [39] On a Stepwise Quantitative Approach for Benefit-Risk Assessment
    Weili He
    Yaxuan Sun
    Qing Li
    Sabrina Wan
    [J]. Therapeutic Innovation & Regulatory Science, 2017, 51 : 625 - 634
  • [40] A quantitative approach to clinical risk assessment: The CREA method
    Trucco, Paolo
    Cavallin, Michela
    [J]. SAFETY SCIENCE, 2006, 44 (06) : 491 - 513
12345