Information security risk assessment model for risk management

Cited by: 0
Authors
Wawrzyniak, Dariusz [1 ]
Affiliation
[1] Univ Econ, PL-53345 Wroclaw, Poland
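Keywords
DOI
Not available
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract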
The article presents a simple model for information security risk assessment. The model has four main elements: security threats, their business impact, security measures and their costs. The security measures-threats relationship matrix is the fundamental quantitative tool of the model. The model is based on well-known methods such as ALE, ROSI and ISRAM, but allows for establishing more flexible and more precise metrics supporting the security management process at different organizational levels.
Pages: 21 / 30
Number of pages: 10
Related papers
50 items in total
  • [21] Enterprise Risk Management and Information Systems Security Risk
    Olson, David L.
    Wu, Desheng
    [J]. PROCEEDINGS OF THE 3RD INTERNATIONAL CONFERENCE ON RISK MANAGEMENT & GLOBAL E-BUSINESS, VOLS I AND II, 2009, : 1 - 5
  • [22] Risk Management Model of Information Security in IC Manufacturing Industry
    Dai, Weihui
    Zhu, Qi
    Wang, Chunshi
    Zeng, Yujiao
    [J]. JOURNAL OF COMPUTERS, 2012, 7 (02) : 317 - 324
  • [23] Risk Assessment Model of Information Security for Transportation Industry System Based on Risk Matrix
    Zhao Xiangmo
    Dai Ming
    Ren Shuai
    Li Luyao
    Duan Zongtao
    [J]. APPLIED MATHEMATICS & INFORMATION SCIENCES, 2014, 8 (03) : 1301 - 1306
  • [24] Information Security Risk Assessment in SCM
    Roy, Arup
    Gupta, A. D.
    Deshmukh, S. G.
    [J]. 2013 IEEE INTERNATIONAL CONFERENCE ON INDUSTRIAL ENGINEERING AND ENGINEERING MANAGEMENT (IEEM 2013), 2013, : 1002 - 1006
  • [25] Automation of Information Security Risk Assessment
    Akhmetov, Berik
    Lakhno, Valerii
    Chubaievskyi, Vitalyi
    Kaminskyi, Serhii
    Adilzhanova, Saltanat
    Ydyryshbayeva, Moldir
    [J]. INTERNATIONAL JOURNAL OF ELECTRONICS AND TELECOMMUNICATIONS, 2022, 68 (03) : 549 - +
  • [26] Security through Information Risk Management
    Johnson, M. Eric
    Goetz, Eric
    Pfleeger, Shari Lawrence
    [J]. IEEE SECURITY & PRIVACY, 2009, 7 (03) : 45 - 52
  • [27] The Quantification Management of Information Security Risk
    Lao, Guoling
    Wang, Liping
    [J]. 2008 4TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND MOBILE COMPUTING, VOLS 1-31, 2008, : 10377 - 10380
  • [28] Risk Assessment of Power Information Risk Security Based on Risk Matrix
    Wang Xu
    Chen Tao
    Wang Yujie
    Guo Qinrui
    Teng Yangxin
    [J]. PROCEEDINGS OF 2018 IEEE 3RD ADVANCED INFORMATION TECHNOLOGY, ELECTRONIC AND AUTOMATION CONTROL CONFERENCE (IAEAC 2018), 2018, : 1494 - 1498
  • [29] Risk assessment of Information Security Management System in Government Organizations in Iran
    Fayez, Samane
    Nazeri, HodaHosseinZade
    BagherKiaroodi, Mohammad
    [J]. PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON COMPUTER, NETWORKS AND COMMUNICATION ENGINEERING (ICCNCE 2013), 2013, 30 : 77 - 79
  • [30] A conceptual model and empirical assessment of HR security risk management
    Kumah, Peace
    Yaokumah, Winfred
    Okai, Eric Saviour Aryee
    [J]. INFORMATION AND COMPUTER SECURITY, 2019, 27 (03) : 411 - 433