Showing 1 - 2 of 2
The starting point of this research essay is a critical review of two methods to conduct a quantitative analysis of information systems security risks: 1) Management of Risk: Guidance for Practitioners and 2) a cost model based on annual loss expectancy. We are focusing on these methods with a...
Persistent link: https://www.econbiz.de/10013026191
Purpose This study aims to argue that in the case of quantitative security risk assessment, individuals do not estimate probabilities as a likelihood measure of event occurrence. Design/methodology/approach The study uses the most commonly used quantitative assessment approach, the annualized...
Persistent link: https://www.econbiz.de/10014754776