Information security management model based on AHP

Information security is the most fundamental basis in the management, the objectivity and accuracy of information security risk assessment play an important role to safeguard the information security In view of the problem on how to evaluate information security, a method of management combined qualitative analysis with quantitative computation is proposed and the method is of strong rationality and effectiveness. In order to set up an appropriate evaluation model, AHP which based on mathematics and psychology was used. Three hierarchy is set up include the decision goal, the criteria for evaluating the alternatives and the last one is the alternatives for reaching the goal. From the AHP model, the essential elements which affect the security of information can be analysis in detail and the different weight of the alternatives can be calculated. According to the different weight of the alternatives the security of information can be evaluated. This method can be better applied into the evaluation of information system security, which provides a new method for evaluation.