Information Security Risk Analysis

2010 ◽  
Author(s):  
Thomas R. Peltier
Keyword(s):  
Information Security ◽  
Risk Analysis ◽  
Security Risk ◽  
Information Security Risk

Risk Analysis of ICT Assets

2019 ◽  
pp. 175-193
Author(s):  
Hamed H. Dadmarz
Keyword(s):  
Information Security ◽  
Risk Analysis ◽  
Human Resources ◽  
Business Owners ◽  
Insurance Company ◽  
Security Risk ◽  
Business Goals ◽  
Top Managers ◽  
Information Security Risk ◽  
Information Assets

Risk analysis is required in all companies to help the business owners or top managers make decisions about risk management strategy, which itself provides an organization with a roadmap for information and information infrastructure protection aligned to business goals and the organization's risk profile. This chapter identifies information assets including network, electricity, hardware, service, software, and human resources in the ICT department of a health insurance company and their relevant risks. To determine the risks, the level of confidentiality, level of integrity, level of availability, the likelihood of threat occurrence, and intensity of vulnerability have been assessed and rated. Assessment is done based on the opinions of 30 experts in the field of information security. According to the results, the highest information security risk is on the network.

ISRAM: information security risk analysis method

2005 ◽  
Vol 24 (2) ◽  
pp. 147-159 ◽  
Author(s):  
Bilge Karabacak ◽  
Ibrahim Sogukpinar
Keyword(s):  
Information Security ◽  
Risk Analysis ◽  
Analysis Method ◽  
Security Risk ◽  
Information Security Risk

scholarly journals Improving Information Security Risk Analysis Practices for Small- and Medium-Sized Enterprises: A Research

10.28945/3190 ◽  
2008 ◽  
Author(s):  
John Beachboard ◽  
Alma Cole ◽  
Mike Mellor ◽  
Steve Hernandez ◽  
Kregg Aytes ◽  
...  
Keyword(s):  
Information Security ◽  
Risk Analysis ◽  
Development Strategy ◽  
Security Risk ◽  
Decision Heuristics ◽  
Organizational Challenges ◽  
Probability Estimates ◽  
Open Development ◽  
Information Security Risk ◽  
Risk Assessment Methodology

Despite the availability of numerous methods and publications concerning the proper conduct of information security risk analyses, small and medium sized enterprises (SMEs) face serious organizational challenges managing the deployment and use of these tools and methods to assist them in selecting and implementing security safeguards to prevent IS security compromises. This paper builds a case for and then outlines a possible approach and a multi-faceted research agenda for developing an “open development” strategy to address recognized deficiencies in the area of risk analysis to include developing: a multi-level risk assessment methodology and set of decision heuristics designed to minimize the intellectual effort required to conduct SME infrastructure level risk assessments, a set of decision heuristics to assist in the quantification of organizational costs, financial as well as non-financial, a knowledge base of probability estimates associated with specified classes of threats for use in the application of the aforementioned methodology and automated tool(s) capable of supporting the execution of the aforementioned methodology and heuristics.

Sign in / Sign up

Export Citation Format

Share Document