In electronic business environment, it is critical for an enterprise to assess information systems security (ISS) risks. In this paper we propose an evidence theory and rough sets based approach to objectively represent uncertainty inherent in the ISS risk assessment. Uncertainty in security risk management stems from the incompleteness and vagueness of the conditioning attributes that characte...

End users activities in social media lead to regular changes in the overall privacy impact because they continually encounter or meddle in all forms of private data associations. Users are exposed to regular changes in risk level as a result of regular updates. To keep an overview over risk exposure, privacy risk assessments, in theory, should be re-done upon every update in a user’s network. E...

Information Technology (IT) projects are always accompanied by various risks and because of high rate of failure in such projects, managing risks in order to neutralize or at least decrease their effects on the success of the project is strongly essential. In this paper, fuzzy analytical hierarchy process (FAHP) is exploited as a means of risk evaluation methodology to prioritize and organize r...

Risk management is crucial for successful construction project management. Effective risk assessment can improve construction enterprises’ competitiveness and profitability to a great extent. And the information of previous projects is a very precious resource and reference for construction project risk management. In order to facilitate project participants to query required information of pre...

A Comprehensive Health Technology Assessment Framework is presented as a conceptual tool for decision-making about health technologies, including information technologies. The aim of the model is to provide an empirical, evidence-based foundation for health technology decisions. The major framework dimensions are (1) population at risk, (2) population impact, (3) economic concerns, (4) social c...

In this paper we analyze a software diversification-based strategy to achieve information security. The notion of using diversity to limit correlated risks is a widely accepted strategy in many fields. Various risk management approaches strive to minimize the variance of losses faced by individuals by either risk pooling, as in insurance, or diversification, as in portfolio management. However,...

Drought is a common occurrence in Nebraska and agriculture is the primary economic sector affected. Because of repeated and widespread severe drought impacts, more emphasis on drought risk management is warranted. This study develops an agricultural drought risk assessment model using multivariate techniques. The model is specific to corn and soybeans and is able to assess realtime agricultural...

Risk assessment is the core process of information security risk management. Organizations use risk assessment to determine the risks within an information system and provide sufficient means to reduce these risks. In this paper, a hybrid procedure for evaluating risk levels of information security under various security controls is proposed. First, this procedure applies the Decision Making Tr...

Utility that modern smartphone technology provides to individuals is most often enabled by technical capabilities that are privacy-affecting by nature, i.e. smartphone apps are provided with access to a multiplicity of sensitive resources required to implement context-sensitivity or personalization. Due to the ineffectiveness of current privacy risk communication methods applied in smartphone e...

Quality management is of paramount importance in all stages of the Agri-Food production and process chain. The approach of quality management has been changed in the past years due to the effects of globalization, numerous deficits in food safety and the legislative such as the new European regulation 178/2002 concerning food safety. A challenge was and is the integration of these changes into ...