Research on Method of Information System Information Security Risk Management

Abstract:

With the popularity of the Internet and as global informatization continues to advance, organizational information systems have become an important strategic resource for an organization's survival, and protecting their information security has attracted widespread concern. Once the information security of an organization's information system is compromised, the damage to the security attributes of its information can have a tremendous impact on the organization's business operations. The losses are not only economic: they may also harm the organization's image, reputation and strategic competitive advantage, possibly fatally. However, existing approaches to information security risk management for information systems separate risk analysis and assessment from the specific organizational environment and business background, lack analysis and description of how risks form, consider only "technical" factors when making security decisions, and do not fully express the multiple goals that organizational decision-making is meant to achieve. Therefore, carrying out information security risk management for information systems is essential.

Periodical: Advanced Materials Research (Volumes 926-930)

Pages: 4105-4109

Online since: May 2014

Copyright: © 2014 Trans Tech Publications Ltd. All Rights Reserved
