Title :
Information Security Risk Assessment Methodology Research: Group Decision Making and Analytic Hierarchy Process
Author :
Xinlan, Zhang ; Zhifang, Huang ; Guangfu, Wei ; Xin, Zhang
Author_Institution :
Sch. of Econ. & Manage., China Univ. of Geosci., Wuhan, China
Abstract :
Information security risk can be measured by probability of the potential risk incident and its impact. Various quantitative methodologies are given to compute information security risks, but among the existed research, seldom of them considered the difficulties of obtaining data of risk probability and risk impact. Considering the efficiency and operability of collecting data, as well as the effectiveness of output for risk management support, this paper presents a risk assessment methodology for information systems security with the application of group decision making and analytic hierarchy process methods. Procedure of this methodology is provided, and a test case is given to illustrate the effectiveness of this methodology.
Keywords :
decision making; risk management; security of data; analytic hierarchy process method; group decision making; information security risk assessment methodology; risk impact; risk management; risk probability; Decision making; Equations; Information security; Mathematical model; Risk management; analytic hierarchy process; group decision making; information security; risk assessment;
Conference_Titel :
Software Engineering (WCSE), 2010 Second World Congress on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-9287-9
DOI :
10.1109/WCSE.2010.55
