Informatică economică (Jan 2011)

Practical Methods for Information Security Risk Management

  • Cristian AMANCEI

Journal volume & issue
Vol. 15, no. 1
pp. 151 – 159

Abstract

The purpose of this paper is to present some directions for performing risk management for information security. The article follows two practical methods: a questionnaire that assesses internal control, and an evaluation based on existing controls as part of vulnerability assessment. The methods presented contain all the key elements that contribute to risk management, through the elements proposed for the evaluation questionnaire, the list of threats, resource classification and evaluation, the correlation between risks and controls, and residual risk computation.

Keywords