ISRAM: information security risk analysis method

نویسندگان

  • Bilge Karabacak
  • Ibrahim Sogukpinar
چکیده

Continuously changing nature of technological environment has been enforcing to revise the process of information security risk analysis accordingly. A number of quantitative and qualitative risk analysis methods have been proposed by researchers and vendors. The purpose of these methods is to analyze today's information security risks properly. Some of these methods are supported by a software package. In this study, a survey based quantitative approach is proposed to analyze security risks of information technologies by taking current necessities into consideration. The new method is named as Information Security Risk Analysis Method (ISRAM). Case study has shown that ISRAM yields consistent results in a reasonable time period by allowing the participation of the manager and staff of the organization.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Prognosis for isolated skin recurrence after breast cancer treated by mastectomy.

UNLABELLED Isolated skin recurrence after mastectomy (ISRAM) for breast cancer is a rare event for which treatment is difficult and subject to debate. PATIENTS AND METHODS The records of 75 patients presenting with ISRAM were reviewed retrospectively. The factors liable to affect recurrence prognosis were analyzed, and included both factors related to the primary tumor and its treatment and t...

متن کامل

Identifying Information Security Risk Components in Military Hospitals in Iran

Background and Aim: Information systems are always at risk of information theft, information change, and interruptions in service delivery. Therefore, the present study was conducted to develop a model for identifying information security risk in military hospitals in Iran. Methods: This study was a qualitative content analysis conducted in military hospitals in Iran in 2019. The sample consist...

متن کامل

بهبود رتبه بندی مخاطرات امنیت اطلاعات با استفاده از مدل های تصمیم گیری چند شاخصه

One of the most important capabilities of information security management systems, which must be implemented in all organizations according to their requirements, is information security risk management. The application of information security risk management is so important that it can be named as the heart of information security management systems. Information security risk rating is conside...

متن کامل

A Security Risk Analysis Method for Information System Based on Infor- mation Entropy

According to the problem of the uncertain information is difficult to quantify in information systems security risk analysis process, proposed an information system security risk analysis method based on information entropy. This method use information entropy to measure the risk of information systems, introduce the information entropy theory, and get the value of the risk of various risk fact...

متن کامل

Critical Success Factors in implementing information security governance (Case study: Iranian Central Oil Fields Company)

The oil industry, as one of the main industries of the country, has always faced cyber attacks and security threats. Therefore, the integration of information security in corporate governance is essential and a governance challenge. The integration of information security and corporate governance is called information security governance. In this research, we identified "critical success factor...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • Computers & Security

دوره 24  شماره 

صفحات  -

تاریخ انتشار 2005