We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
pISRA: privacy considered information security risk assessment model.
- Authors
Wei, Yu-Chih; Wu, Wei-Chen; Lai, Gu-Hsin; Chu, Ya-Chi
- Abstract
The security threats related to personally identifiable information are increasing dramatically. In addition to government agencies, large international companies are potential victims. To comply with regulations such as the European Union General Data Protection Regulation, organizations are required to carry out a privacy impact assessment. However, the conventional information security risk assessment model does not provide a clear methodology for conducting privacy impact assessments. In this paper, we propose a privacy-considered information security risk assessment (pISRA) model, which can take both a privacy impact analysis and risk assessment into consideration. Our proposed model can help risk assessors achieve a comparable and reproducible approach for the entire risk assessment process. Additionally, pISRA can assist organizations to select high-risk items for further action.
- Subjects
RISK assessment; INFORMATION technology security; DATA privacy; PERSONALLY identifiable information; DATA protection
- Publication
Journal of Supercomputing, 2020, Vol 76, Issue 3, p1468
- ISSN
0920-8542
- Publication type
Article
- DOI
10.1007/s11227-018-2371-0