• DocumentCode
    3308485
  • Title

    A new quantitative approach for information security risk assessment

  • Author

    Asosheh, Abbas ; Dehmoubed, Bijan ; Khani, Amir

  • Author_Institution
    Dept. of Ind. Eng., Tarbiat Modares Univ., Tehran, Iran
  • fYear
    2009
  • fDate
    8-11 Aug. 2009
  • Firstpage
    222
  • Lastpage
    227
  • Abstract
    This article represent a new quantitative approach for assessing the overall information security risks in the real business environment. The new approach is based on Microsoft and Callio Secura approach which are common and practical approaches in the world. The advantage of this approach is that the organization can determine its business risk and the return on security investment.
  • Keywords
    security of data; Callio Secura approach; Microsoft approach; business environment; information security risk assessment; Engineering management; ISO standards; Industrial engineering; Information management; Information security; Information technology; Investments; Law; Risk management; Technology management; information asset; information security; return on investment; risk assessment;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Science and Information Technology, 2009. ICCSIT 2009. 2nd IEEE International Conference on
  • Conference_Location
    Beijing
  • Print_ISBN
    978-1-4244-4519-6
  • Electronic_ISBN
    978-1-4244-4520-2
  • Type

    conf

  • DOI
    10.1109/ICCSIT.2009.5234391
  • Filename
    5234391
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3308485