A Comparative Survey for Evaluating Information Security Risk Assessment Methods | ||||
مجلة الجمعية المصرية لنظم المعلومات وتکنولوجيا الحاسبات | ||||
Article 18, Volume 14, الرابع عشر - Serial Number 14, April 2014, Page 5-12 PDF (7.83 MB) | ||||
Document Type: • البحوث والدراسات والمقالات المستوفاة للقواعد العلمیة المتعارف علیها، والتى یجریها أو یشارک فى إجرائها أعضاء هیئة التدریس والباحثون فى الجامعات ومراکز البحوث المصریة والعربیة، وذلک باللغتین العربیة والإنجلیزیة . | ||||
DOI: 10.21608/jstc.2014.119458 | ||||
View on SCiNiTO | ||||
Author | ||||
Edward Wadid Morcos | ||||
Sadat Academy for Management Sciences | ||||
Abstract | ||||
ABSTRACT Information is a key asset for organizations, and reducing the risk of information compromise is a high priority. There are already many models of risk assessment and more are emerging every day. They all have the same fundamental target, but most attempts to hit the target from very different approaches. Some approaches can be applied to all types of risk; while others are specific to particular risks. There are two common approaches used in risk assessment: a quantitative approach and a qualitative approach. They all have the same fundamental target to estimate the overall value of risk, but most attempts to hit the target from very different approaches. Some approaches can be applied to all types of risk, while others are specific to particular risks. The main purpose of the study is addresses some of the methodologies used currently to analyze information security risks. The main task for an organization is to determine which one to use according to the selecting criteria . Since the organization will spend money on whichever method they choose, it is vital that the chosen methodology meet the requirements. The purpose of the study is to compare and clarify the different model of information security risk assessment and the analysis that effectively addresses the risks of nformation security. | ||||
Statistics Article View: 71 PDF Download: 222 |
||||