A multidimensional approach to information security risk management using FMEA and fuzzy theory

Authors

  • Maisa Mendonça Silva
  • Ana Paula Henriques de Gusmao
  • Thiago Poleto
  • Lúcio Câmara e Silva
  • Ana Paula Cabral Seixas Costa
Abstract

Because of the evolution and widespread use of the Internet, organisations are becoming more susceptible to attacks on Information Technology Systems. These attacks result in data losses and alterations, and impact services and business operations. Therefore, to minimise these potential failures, this paper presents an approach to information security risk management, encompassing Failure Mode and Effects Analysis (FMEA) and fuzzy theory. This approach analyses five dimensions of information security: access to information and systems, communication security, infrastructure, security management and secure information systems development. To illustrate the proposed model, it was applied to a University Research Group project. The results show that the most important aspects of information security risk are communication security, followed by infrastructure. © 2014 Elsevier Ltd. All rights reserved.


Similar resources

Risk management in medical product development process using traditional FMEA and fuzzy linguistic approach: a case study

Medical product development (MPD) process is highly multidisciplinary in nature, which increases the complexity and the associated risks. Managing the risks during MPD process is very crucial. The objective of this research is to explore risks during MPD in a dental product manufacturing company and propose a model for risk mitigation during MPD process to minimize failure events. A case study ...


A Fuzzy FMEA Approach to Prioritizing Surgical Cancellation Factors

Background and Objectives: Surgical cancellation is a significant source of time and resource waste, patient safety risk, and stress for patients and their families. In this study, a risk management-based approach is developed to prioritize factors contributing to surgical cancellation. Methods: Factors leading to surgical cancellation were comprehensively classified based on literature review...


Design Software Failure Mode and Effect Analysis using Fuzzy TOPSIS Based on Fuzzy Entropy

One of the key pillars of any operating system is its proper software performance. Software failure can have dangerous effects and consequences and can lead to adverse and undesirable events in the design or use phases. The goal of this study is to identify and evaluate the most significant software risks based on the FMEA indices with respect to reduce the risk level by means of experts’ opini...


Using fuzzy FMEA and fuzzy logic in project risk management

Risk management is one of the most important phases of project management and is the most recently used by many researchers. In this paper, a fuzzy based method was proposed which identifies different kinds of risks through the project life cycle. Then, the project risk magnitude can be obtained in regards to five factors, namely “severity”, “occurrence”, and “not detection” which form fuzzy FMEA a...


Developing a Method for Risk Analysis in Tile and Ceramic Industry Using Failure Mode and Effects Analysis by Data Envelopment Analysis

The failure mode and effects analysis (FMEA) is a widely used analytical technique that helps to identify and reduce the risks of failure in a system, component, or process. One important issue of FMEA is the determination of the risk priorities of failure modes. Risk ranking is produced in order to prioritize the focus on each of the failure modes that are identified. In this study, we applied...



Journal title:
  • Int J. Information Management

Volume 34  Issue 

Pages  -

Publication date 2014