Title :
Formalized Method Based on Extenics for Information Security Risk Identification
Author :
Xiao, Min ; Fan, Shixi ; Chai, Rong
Author_Institution :
Coll. of Comput. Sci. & Technol., Chongqing Univ. of Posts & Telecommun., Chongqing, China
Abstract :
Information security risk has become an important attention for today´ s most organizations and risk management was introduced as an effective mechanism. The risk analysis, including risk identification and estimation, is the basis of risk management. In practice, most studies on risk analysis focus on estimation method and identification of risk elements is nothing but reference to given tables. This paper presents a formalized risk identification method that performs an overall analysis on organization from material, antithetical, dynamic and systematic nature by utilizing conjugate analysis method. This method is one of extension methods in Extenics and identifies systematically and comprehensively not only risk elements but also relationships between them and provides sufficient information for the following risk estimation to ensure effectiveness of risk management.
Keywords :
organisational aspects; risk analysis; security of data; conjugate analysis method; formalized risk identification method; information security risk identification; risk analysis; risk estimation method; risk management; Computer science; IEC standards; ISO standards; Industrial engineering; Information management; Information security; Innovation management; Performance analysis; Risk analysis; Risk management; Extenics; conjugate analysis; information security risk management; risk analysis;
Conference_Titel :
Information Management, Innovation Management and Industrial Engineering, 2009 International Conference on
Conference_Location :
Xi´an
Print_ISBN :
978-0-7695-3876-1
DOI :
10.1109/ICIII.2009.415
