http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
A Survey of Information Security Risk Analysis Methods
Armaghan Behnia,Rafhana Abd Rashid,Junaid Ahsenali Chaudhry 한국산학기술학회 2012 SmartCR Vol.2 No.1
There are already many models of risk assessment and more are emerging every day. They all have the same fundamental target, but most attempt to hit the target from very different approaches. Some approaches can be applied to all types of risk, while others are specific to particular risks. A particularly dangerous risk in the global economy today is the security of information. Information is a key asset for organizations, and reducing the risk of information compromise is a high priority. This study proposed a methodology for information security risk analysis in which the assets, vulnerabilities, threats, and controls of an organization are linked. The main purpose of the study is to compare and clarify the different activities, inputs, and outputs required by each model of information security risk assessment and the analysis that effectively addresses the risks of information security. At the moment, there are numerous risk analysis methodologies available, some of which are qualitative while others are more quantitative in nature. These methodologies have a common goal to estimate the overall value of risk. An organization must choose the most proper methodology based on their specific requirements.