Title :
Quantitative security risk assessment (SRA) method: An empirical case study
Author :
Bernardo, Danilo Valeros ; Bee Bee Chua ; Hoang, Doan
Author_Institution :
Fac. of Eng. & Inf. Technol., Univ. of Technol., Sydney, Sydney, NSW, Australia
Abstract :
This paper introduces a novel approach to a more practical Quantitative SRA. The approach formalized in this paper is based on the methods described in various risk assessment frameworks that were described by existing international standards, with adjustments combining qualitative and ranking methods based on a distance-based approach. The successful implementation of this approach in four organizations provides an alternative conventional means of performing a more practical Quantitative SRA, in a manner consistent with the current set of standards and practices.
Keywords :
risk management; security of data; distance based approach; qualitative method; quantitative SRA method; ranking method; security risk assessment; Australia; Communication system security; Data security; ISO standards; Information security; Information technology; Risk analysis; Risk management; Spine; Standards organizations; AS/NZS 4360; Distance-based method; ISO 27001; Security Risk Assessment; ranking method;
Conference_Title :
Nature & Biologically Inspired Computing, 2009. NaBIC 2009. World Congress on
Conference_Location :
Coimbatore
Print_ISBN :
978-1-4244-5053-4
DOI :
10.1109/NABIC.2009.5393885