We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
Practical Methods for Information Security Risk Management.
- Authors
Amancei, Cristian
- Abstract
The purpose of this paper is to present some directions to perform the risk management for information security. The article follows to practical methods through questionnaire that asses the internal control, and through evaluation based on existing controls as part of vulnerability assessment. The methods presented contains all the key elements that concurs in risk management, through the elements proposed for evaluation questionnaire, list of threats, resource classification and evaluation, correlation between risks and controls and residual risk computation.
- Subjects
COMPUTER security; RISK management in business; CONFIDENTIAL communications; SOCIAL engineering (Fraud); NETWORK Access Machine (Computer); COMPUTER software
- Publication
Informatica Economica, 2011, Vol 15, Issue 1, p151
- ISSN
1453-1305
- Publication type
Article