Quantitative Risk Analysis and Evaluation in Information Systems: A Case Study
نویسندگان
چکیده
The rapid growth of the Internet technology has encouraged organizations to protect their information assets. Furthermore, the need for risk analysis has become very important for organizations. However, the existing risk analysis just presents the guidelines that can be used to determine the security measures but do not support how to evaluate the risks quantitatively. Therefore, in this paper, the quantitative risk evaluation model based on the Markov process, especially for the case of interrelated threats, is proposed. In addition, in order to analyze the relationship between threats, the basic analysis method using the covariance and the correlation coefficient is presented.
منابع مشابه
Developing a Model Based on Geospatial Information Systems (GIS) and Adaptive Neuro-Fuzzy Inference Systems (ANFIS) for Providing the Spatial Distribution Map of Landslide Risk. Case Study: Alborz Province
Landslide is one of these natural hazards which causes a great amount of financial and human damage annually allover the world. Accordingly, identification of areas with landslide threat for implementation of preventive measures in order to confront against the instability of hillsides for reduction of potential threats and related risks is very important. In this research a new method for clas...
متن کاملThe role of Real option in e-business Risk management: The case of E-treasury project
Implementing information technology projects requires a calculated process to prevent failure. At the same time application of information technology in organizations faces various potential risks. Exploring information technology environment in organizations reveals the potential risks and provides a structure for comprehensive risk management. There are various methods available for risk mana...
متن کاملThe role of Real option in e-business Risk management: The case of E-treasury project
Implementing information technology projects requires a calculated process to prevent failure. At the same time application of information technology in organizations faces various potential risks. Exploring information technology environment in organizations reveals the potential risks and provides a structure for comprehensive risk management. There are various methods available for risk mana...
متن کاملPresenting a semi-quantitative model based on the resiliency engineering management commitment index in assessing the level of preparedness against emergency situations of hospitals in a fuzzy environment (case study: selected Faraja hospitals in 202
Abstract Background and Objective: The main index in resilience engineering is the management commitment index. In this study, a semi-quantitative risk assessment method based on the fuzzy hierarchical analysis method for management commitment index was implemented in evaluating the resilience level of two selected hospitals. Materials and methods: At first, evaluation tools including a 17-qu...
متن کاملQualitative and quantitative approaches to analyse reliability of a mechatronic system: a case
The main research intent of this paper is to introduce the use of fault tree analysis (FTA) and failure mode and effects analysis (FMEA) in conjunction to analyse the risk and reliability of a complex mechatronic system in both qualitative and quantitative manner. The major focus is on handling imprecise and vague information with the help of fuzzy synthesis of information. A complex mechatroni...
متن کاملDetermination of Critical Success Factors for Knowledge Management Implementation, Using Qualitative and Quantitative Tools (Case study: Bahman Automobile Industry)
The critical success factors (CSFs) of knowledge management (KM) systems are considered as areas that must be given the required attention for the successful implementation of knowledge management. In this respect and to reduce the failure risk of knowledge management projects, the current paper aims to arrive at a conceptual model by identifying and prioritizing factors for guiding research in...
متن کامل