Practical Methods for Information Security Risk Management

The purpose of this paper is to present some directions to perform the risk man-agement for information security. The article follows to practical methods through question-naire that asses the internal control, and through evaluation based on existing controls as part of vulnerability assessment. The methods presented contains all the key elements that concurs in risk management, through the elements proposed for evaluation questionnaire, list of threats, resource classification and evaluation, correlation between risks and controls and residual risk computation.

MoreLess

Year of publication:	2011
Authors:	AMANCEI, Cristian
Published in:	Informatica Economica. - Academia de Studii Economice din Bucureşti, ISSN 1453-1305. - Vol. 15.2011, 1, p. 151-159
Publisher:	Academia de Studii Economice din Bucureşti
Subject:	Risk Management \| Threats \| Vulnerabilities \| Information Security

More details

Extent:	application/pdf
Type of publication:	Article
Language:	English
Source:	RePEc - Research Papers in Economics

Persistent link: https://ebvufind01.dmz1.zbw.eu/10009416323