Information Security Risk Assessment

Ievgeniia Kuzminykh, Bogdan Ghita, Volodymyr Sokolov, Taimur Bakhshi

Research output: Contribution to journal › Article › peer-review

Abstract

Information security risk assessment is an important part of enterprises’ management practices that helps to identify, quantify, and prioritize risks against criteria for risk acceptance and objectives relevant to the organization. Risk management refers to the process of identifying, managing, and eliminating or reducing the likelihood of events that can negatively affect the resources of the information system, so as to reduce the security risks that could affect that system, subject to an acceptable cost of protection. It comprises risk analysis, analysis of the “cost-effectiveness” parameter, and the selection, construction, and testing of the security subsystem, as well as the study of all aspects of security.
Original language: English
Pages (from-to): 602-617
Number of pages: 16
Journal: Encyclopedia
Volume: 1
Issue number: 3
Publication status: Published - 24 Jul 2021
Externally published: Yes

Keywords

  • information risk management
  • security risk management
  • risk classification
  • OCTAVE
  • CRAMM
  • RiskWatch
  • fuzzy logic
