A Quantitative Method for Multicriteria Analysis of the Assets of a Critical System in the Management Process of Information Security

The selection of an optimal solution for the identification of the critical assets is a rather complex process, as all the valuable assets of an organization have to be identified, classified and quantified under a common approach, within the risk management process. The paper proposes a quantitative method for the identification of critical assets/services within information security assessment and analysis process which is based on multi-criteria analysis. The aim of this paper is to present a more objective method for the assessment, ranking and quantification of critical assets/services through the analysis of predefined criteria using TOPSIS method. The authors consider that by using this method we can take better decisions in ranking critical assets/services.