| Encyclopedia | |
| Information Security Risk Assessment | |
| Taimur Bakhshi [1], Ievgeniia Kuzminykh [2], Volodymyr Sokolov [3], Bogdan Ghita [4] | |
| [1] Center for Information Management and Cyber Security, Foundation for Advancement of Science & Technology, Lahore 54770, Pakistan; [2] Department of Informatics, King’s College London, London WC2R 2ND, UK; [3] Department of Information and Cyber Security, Borys Grinchenko Kyiv University, 04212 Kyiv, Ukraine; [4] School of Engineering, Computing and Mathematics, University of Plymouth, Plymouth PL4 8AA, UK | |
| Keywords: information risk management; security risk assessment; risk classification; OCTAVE; CRAMM; RiskWatch | |
| DOI: 10.3390/encyclopedia1030050 | |
| Source: DOAJ | |
【 Abstract 】
Information security risk assessment is an important part of enterprises’ management practices that helps to identify, quantify, and prioritize risks against criteria for risk acceptance and objectives relevant to the organization. Risk management refers to a process that consists of the identification, management, and elimination or reduction of the likelihood of events that can negatively affect the resources of the information system, in order to reduce the security risks that can potentially affect that system. The process is subject to an acceptable cost of the protection means, which comprise a risk analysis, an analysis of the “cost-effectiveness” parameter, and the selection, construction, and testing of the security subsystem, as well as the study of all aspects of security.
【 License 】
Unknown