Information Security Risk Assessment
نویسندگان
چکیده
Information security risk assessment is an important part of enterprises’ management practices that helps to identify, quantify, and prioritize risks against criteria for acceptance objectives relevant the organization. Risk refers a process consists identification, management, elimination or reduction likelihood events can negatively affect resources information system reduce potentially have ability system, subject acceptable cost protection means contain analysis, analysis “cost-effectiveness” parameter, selection, construction, testing subsystem, as well study all aspects security.
منابع مشابه
Taxonomy of information security risk assessment (ISRA)
Information is a perennially significant business asset in all organizations. Therefore, it must be protected as any other valuable asset. This is the objective of information security, and an information security program provides this kind of protection for a company’s information assets and for the company as a whole. One of the best ways to address information security problems in the corpor...
متن کاملInformation Security Risk Assessment, Aggregation, and Mitigation
As part of their compliance process with the Basel 2 operational risk management requirements, banks must define how they deal with information security risk management. In this paper we describe work in progress on a new quantitative model to assess and aggregate information security risks that is currently under development for deployment. We show how to find a risk mitigation strategy that i...
متن کاملInformation Security Risk Assessment in Hospitals
Background To date, many efforts have been made to classify information security threats, especially in the healthcare area. However, there are still many unknown risks which may threat the security of health information and their resources especially in the hospitals. Objective The aim of this study was to assess the risks threatening information security in the hospitals located in one of t...
متن کاملCollective information structure model for Information Security Risk Assessment (ISRA)
Purpose – Information security has become an essential entity for organizations across the globe to eliminate the possible risks in their organizations by conducting information security risk assessment (ISRA). However, the existence of numerous different types of risk assessment methods, standards, guidelines and specifications readily available causes the organizations to face the daunting ta...
متن کاملInformation Asset Valuation Method for Information Technology Security Risk Assessment
The information security strategic plan is necessarily comprehensive, including business processes, people, and physical infrastructure, as well as the information system. The Security risk evaluation needs the calculating asset value to predict the impact and consequence of security incidents. The return on security investment (ROSI) is defining the value for all invested in terms of security ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Encyclopedia
سال: 2021
ISSN: ['2673-8392']
DOI: https://doi.org/10.3390/encyclopedia1030050