Loading [MathJax]/extensions/TeX/color_ieee.js
Evaluation of information security risks using hybrid assessment model | IEEE Conference Publication | IEEE Xplore

Evaluation of information security risks using hybrid assessment model


Abstract:

A risk is the possibility that an undesirable event could happen. Several risk management software tools have been developed in the past to address pressing industrial co...Show More

Abstract:

A risk is the possibility that an undesirable event could happen. Several risk management software tools have been developed in the past to address pressing industrial concerns such as risk identification and estimation, risk exposure, mitigation and keep track of risk positions and respective management plans. Several methods have been developed and used in risk assessments. Two specific methods of interest in this work are: "Risk Matrices" and "Risk Registers". A generic Risk Register application module and an updatable Risk Matrix module was designed. This work studies risk management techniques and employs a custom model for the automated assessment of IS risks. This model was implemented in phases corresponding to its aspects. The "Assessment methods" of interest to this work are Risk Registers, Risk Matrices and the Scenario Geek". What-if analysis is a data-intensive simulation whose goal is to inspect the behavior of a complex system under some given hypotheses called scenarios. What-ifs are used to generate qualitative descriptions of potential problems in the form of questions and responses lists of recommendations for preventing problems. The Risk Assessor was developed using Microsoft's Visual Basic .Net with Active Server Pages (ASP.Net) Technologies on .Net Framework 4.0. This work, if adopted will help keep track of the basic sources which can hamper the operations of the information technology organizations.
Date of Conference: 08-10 December 2014
Date Added to IEEE Xplore: 12 February 2015
Electronic ISBN:978-1-908320-39-1
Conference Location: London, UK

References

References is not available for this document.