Information Security Risk Assessment: A Method Comparison
نویسندگان
چکیده
منابع مشابه
Information Asset Valuation Method for Information Technology Security Risk Assessment
The information security strategic plan is necessarily comprehensive, including business processes, people, and physical infrastructure, as well as the information system. The Security risk evaluation needs the calculating asset value to predict the impact and consequence of security incidents. The return on security investment (ROSI) is defining the value for all invested in terms of security ...
متن کاملDevelopment of an E-Healthcare Information Security Risk Assessment Method
This paper developed a method to assess information security risks in e-healthcare. Specifically, it first developed a static E-Healthcare Information Security Risk (EHISR) model to present thirty-three security risk factors by identifying information security threats and their sources in e-healthcare. Second, a dynamic E-Healthcare Information Flow (EHIF) model was developed to logically link ...
متن کاملTaxonomy of information security risk assessment (ISRA)
Information is a perennially significant business asset in all organizations. Therefore, it must be protected as any other valuable asset. This is the objective of information security, and an information security program provides this kind of protection for a company’s information assets and for the company as a whole. One of the best ways to address information security problems in the corpor...
متن کاملInformation Security Risk Assessment, Aggregation, and Mitigation
As part of their compliance process with the Basel 2 operational risk management requirements, banks must define how they deal with information security risk management. In this paper we describe work in progress on a new quantitative model to assess and aggregate information security risks that is currently under development for deployment. We show how to find a risk mitigation strategy that i...
متن کاملInformation Security Risk Assessment in Hospitals
Background To date, many efforts have been made to classify information security threats, especially in the healthcare area. However, there are still many unknown risks which may threat the security of health information and their resources especially in the hospitals. Objective The aim of this study was to assess the risks threatening information security in the hospitals located in one of t...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Computer
سال: 2017
ISSN: 0018-9162
DOI: 10.1109/mc.2017.107