A Practical Security Risk Analysis Process and Tool for Information System
نویسندگان
چکیده
While conventional business administration-based information technology management methods are applied to the risk analysis of information systems, no security risk analysis techniques have been used in relation to information protection. In particular, given the rapid diffusion of information systems and the demand for information protection, it is vital to develop security risk analysis techniques. Therefore, this paper will suggest an ideal risk analysis process for information systems. To prove the usefulness of this security risk analysis process, this paper will show the results of managed, physical and technical security risk analysis that are derived from investigating and analyzing the conventional information protection items of an information system.
منابع مشابه
National Food and Nutrition Security System (SAMAT), A Tool for Identifying and Monitoring Food Insecurity in the Country
Background and objectives: Iran was reported in the high-risk group of World Food Security Map in 2008 .Identifying food insecurity is first step for executing interventions. Measuring household food security is its cornerstone. SAMAT System was designed to provide a variety of GIS-based reports to policy makers and managers in the field of food security. Methods and Materials: SAMAT system wa...
متن کاملSystems Risk Analysis UsingHierarchical Modeling
A fresh look at the system analysis helped us in finding a new way of calculating the risks associated with the system. The author found that, due to the shortcomings of RPN, more researches needed to be done in this area to use RPNs as a new source of information for system risk analysis. It is the purpose of this article to investigate the fundamental concepts of failure modes and effects ana...
متن کاملIdentifying and Ranking Technology-Telecommunications Context of Information Security anagement System in E-Government Using Fuzzy AHP Approach
In recent years, many security threats have entered into the organizations’ information and changed the organizational performance resulting in their exorbitant costs. This question is of particular importanceabout government agencies that use information and Internet systems. This issue enabled the top managers of organizations to implement a security system and minimize these costs. Using In...
متن کاملریسک سنج: ابزاری برای سنجش دقیق میزان ریسک امنیتی برنامهها در دستگاههای همراه
Nowadays smartphones and tablets are widely used due to their various capabilities and features for end users. In these devices, accessing a wide range of services and sensitive information including private personal data, contact list, geolocation, sending and receiving messages, accessing social networks and etc. are provided via numerous application programs. These types of accessibilities, ...
متن کاملIdentifying Information Security Risk Components in Military Hospitals in Iran
Background and Aim: Information systems are always at risk of information theft, information change, and interruptions in service delivery. Therefore, the present study was conducted to develop a model for identifying information security risk in military hospitals in Iran. Methods: This study was a qualitative content analysis conducted in military hospitals in Iran in 2019. The sample consist...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- JIPS
دوره 2 شماره
صفحات -
تاریخ انتشار 2006