Title :
CERTS: a comparative evaluation method for risk management methodologies and tools
Author :
Garrabrants, W.M. ; Ellis, A.W., III ; Hoffman, L.J. ; Kamel, M.
Author_Institution :
Dept. of Adm. Sci., Naval Postgraduate Sch., Monterey, CA, USA
Abstract :
The advent of decentralized computing and an increasingly important role for information as a resource has prompted the development of a variety of methods and tools for managing the risk exposure of a computer system. As a result of the diversity of risk management tools available, there is no effective means of determining which of the tools would be most suitable for any given organization´s situation. A new technique is proposed to effectively and objectively evaluate these tools for suitability and to establish a means of comparison of the tools among each other
Keywords :
security of data; software metrics; CERTS; decentralized computing; risk management methodologies; risk management tools; Computer science; Computer security; Costs; Decision making; Engineering management; Government; Resource management; Risk analysis; Risk management; Standards development;
Conference_Titel :
Computer Security Applications Conference, 1990., Proceedings of the Sixth Annual
Conference_Location :
Tucson, AZ
Print_ISBN :
0-8186-2105-2
DOI :
10.1109/CSAC.1990.143783
