IA OM as an Enterprise Risk Management Metric

نویسندگان

  • David R. Comings
  • Wendy W. Ting
چکیده

Ting and Comings [1] described how to use the Information Assurance (IA) Object Measurement (OM®) metric as a tool to measure the monitoring step (Step 6) described in the United States (U.S.) National Institute of Standards and Technology’s (NIST) Risk Management Framework (RMF)1 [2]. This chapter expands the applicability of the IA OM® metric and shows how it may be used as an enterprise-wide information security risk management metric.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Reputation Risk Management in the Framework of Enterprise Risk Management: Evidences from an Active Financial Institution in the Capital Market of Iran

Reputation risk as one of the most important risks in any competitive industry and market should be considered before all the risks of the enterprise which also affects other risks. This research aims to review and manage reputation risk in the framework of enterprise risk management. Considering the importance of the subject and lack of available studies in this field, the innovation of presen...

متن کامل

Enterprise-Wide Risk Management (EWRM) as a Value Added Tool in Enhancing the Economic Value of Business Enterprises

In recent years, Risk Management in respect of Enterprise-Wide Risk Management (EWRM) has become more important and highly critical to major corporations worldwide including Malaysia. In fact, it is interesting to note that when the Government of Malaysia passed the Code of Corporate Governance in the year 2000, most of the Public Limited Companies (PLCs) in Malaysia was struggling to implement...

متن کامل

Towards Measuring the Project Management Process During Large Scale Software System Implementation Phase

Project management is an important factor to accomplish the decision to implement large-scale software systems (LSS) in a successful manner. The effective project management comes into play to plan, coordinate and control such a complex project. Project management factor has been argued as one of the important Critical Success Factor (CSF), which need to be measured and monitored carefully duri...

متن کامل

Enterprise Risk Management and Performance of Financial Institutions in Iraq: The Mediating Effect of Information Technology Quality

Enterprise risk management represents a process of assessing exposure to risks in an institution. It is a systematic mechanism and a comprehensive tool for predicting events, including unexpected events, and their impacts. This paper is a conceptual study. It aims at designing a model for testing the mediation effect of information technology (IT) quality on the relationship between the enterpr...

متن کامل

A risk-metric framework for enterprise risk management

A risk-metric framework that supports Enterprise Risk Management is described. At the heart of the framework is the notion of a risk profile that provides risk measurement for risk elements. By providing a generic template in which metrics can be codified in terms of metric space operators, risk profiles can be used to construct a variety of risk measures for different business contexts. These ...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2012