A new quantitative approach for information security risk assessment

摘要：

This article represent a new quantitative approach for assessing the overall information security risks in the real business environment. The new approach is based on Microsoft and Callio Secura approach which are common and practical approaches in the world. The advantage of this approach is that the organization can determine its business risk and the return on security investment.

关键词： information security information asset risk assessment return on investment

作者: Abbas Asosheh Bijan Dehmoubed Amir Khani

作者单位: Department of Industrial Engineering, Tarbiat Modares University Tehran, Iran Department of Information Technology Management, Faculty of Management, University of Tehran Tehran,

会议类型: 国际会议

会议名称: 2009 2nd IEEE International Conference on Computer Science and Information Technology(第二届计算机科学与信息技术国际会议 ICCSIT2009)

会议地点: 北京

会议语种:英文

页码: 883-888

在线出版日期: 2009-08-08（万方平台首次上网日期，不代表论文的发表时间）

会议专题

A new quantitative approach for information security risk assessment