Analysis of Intelligent Information Security Risk Assessment Based on Decision Tree

2021 ◽  
Author(s):  
Zhixuan Xiao ◽  
Shihua Pan
Keyword(s):  
Risk Assessment ◽  
Information Security ◽  
Decision Tree ◽  
Security Risk ◽  
Information Security Risk ◽  
Intelligent Information ◽  
Security Risk Assessment

Collective information structure model for Information Security Risk Assessment (ISRA)

2015 ◽  
Vol 17 (2) ◽  
pp. 193-219 ◽  
Author(s):  
Palaniappan Shamala ◽  
Rabiah Ahmad ◽  
Ali Hussein Zolait ◽  
Shahrin bin Sahib
Keyword(s):  
Risk Assessment ◽  
Information Security ◽  
Information Structure ◽  
Structure Model ◽  
Security Risk ◽  
Content Type ◽  
Information Security Risk ◽  
Security Risk Assessment ◽  
Collective Information ◽  
Tedious Process

Purpose – Information security has become an essential entity for organizations across the globe to eliminate the possible risks in their organizations by conducting information security risk assessment (ISRA). However, the existence of numerous different types of risk assessment methods, standards, guidelines and specifications readily available causes the organizations to face the daunting tasks in determining the most suitable method that would augur well in meeting their needs. Therefore, to overcome this tedious process, this paper suggests collective information structure model for ISRA. Design/methodology/approach – The proposed ISRA model was developed by deploying a questionnaire using close-ended questions administrated to a group of information security practitioners in Malaysia (N = 80). The purpose of the survey was to strengthen and add more relevant additional features to the existing framework, as it was developed based on secondary data. Findings – Previous comparative and analyzed studies reveals that all the six types of ISRA methodologies have features of the same kind of information with a slight difference in form. Therefore, questionnaires were designed to insert additional features to the research framework. All the additional features chosen were based on high frequency of more than half percentage agreed responses from respondents. The analyses results inspire in generating a collective information structure model which more practical in the real environment of the workplace. Practical implications – Generally, organizations need to make comparisons between methodologies and decide on the best due to the inexistence of agreed reference benchmark in ISRA methodologies. This tedious process leads to unwarranted time, money and energy consumption. Originality/value – The collective information structure model for ISRA aims to assist organizations in getting a general view of ISRA flow and gathering information on the requirements to be met before risk assessment can be conducted successfully. This model can be conveniently used by organizations to complete all the required planning as well as to select the suitable methods to complete the ISRA.

Sign in / Sign up

Export Citation Format

Share Document