Qualitative initial risk analysis for selecting risk analysis approach suitable for IT security policy

In this paper, we presented a qualitative initial risk analysis for selecting risk analysis approach suitable for security efforts where an organization is really need. An initial risk analysis is important to identify which risk analysis method is appropriate for each information system. If an orga...

Full description

Saved in:
Bibliographic Details
Main Authors: Jung-Ho Eom, Young-Hyun Choi, Seon-Ho Park, Tai-Myoung Chung
Format: Conference Proceeding
Language:English
Subjects:
Economics
Europe
initial risk analysis
Production
risk analysis
Risk management
security
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 673
container_issue
container_start_page 669
container_title
container_volume
creator Jung-Ho Eom
Young-Hyun Choi
Seon-Ho Park
Tai-Myoung Chung
description In this paper, we presented a qualitative initial risk analysis for selecting risk analysis approach suitable for security efforts where an organization is really need. An initial risk analysis is important to identify which risk analysis method is appropriate for each information system. If an organization conducts a baseline approach in information system which has very high value and risk, it could be result in significant harm or damage to an organization. In other case, it will be wasted security budget by spending a cost of detailed risk analysis. So, we presented practical qualitative initial risk analysis using matrix scaling method for selecting appropriate approach. Our method applied evaluation items reflecting business process and qualitative asset value. Our method indicates concrete evaluation method and result by assessing with investment expense, the usage of information system, distribution, security level, safeguard, etc.
doi_str_mv 10.1109/ICITIS.2010.5689486
format conference_proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_5689486</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>5689486</ieee_id><sourcerecordid>5689486</sourcerecordid><originalsourceid>FETCH-LOGICAL-i90t-6d7de27cf4601c08c5f6d2b6ee03cd2ed6ba21b68ebb90c6b71385dbc636d7f33</originalsourceid><addsrcrecordid>eNpdkMtOhEAQRdsYE3XkC2bTP8DYD2hgaYgPkkmMkf2kH9Va2gKhwYS_lzjjxrup1K06d3EJ2XK245xVt03dtM3rTrDVyFVZZaU6I0lVlDwTWaaqTBbn5PpvEeKSJDF-sFW5KKTMr4h_mXXASU_4DRQ7nFAHOmL8pLrTYYkYqe9HGiGAnbB7-3fTwzD22r7TOK8hJsDvd9OugJ1HnBY69AHtckMuvA4RktPckPbhvq2f0v3zY1Pf7VOs2JQqVzgQhfWZYtyy0uZeOWEUAJPWCXDKaMGNKsGYilllCi7L3Bmr5Ip6KTdke4xFADgMI37pcTmcmpE_Pldaww</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Qualitative initial risk analysis for selecting risk analysis approach suitable for IT security policy</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Jung-Ho Eom ; Young-Hyun Choi ; Seon-Ho Park ; Tai-Myoung Chung</creator><creatorcontrib>Jung-Ho Eom ; Young-Hyun Choi ; Seon-Ho Park ; Tai-Myoung Chung</creatorcontrib><description>In this paper, we presented a qualitative initial risk analysis for selecting risk analysis approach suitable for security efforts where an organization is really need. An initial risk analysis is important to identify which risk analysis method is appropriate for each information system. If an organization conducts a baseline approach in information system which has very high value and risk, it could be result in significant harm or damage to an organization. In other case, it will be wasted security budget by spending a cost of detailed risk analysis. So, we presented practical qualitative initial risk analysis using matrix scaling method for selecting appropriate approach. Our method applied evaluation items reflecting business process and qualitative asset value. Our method indicates concrete evaluation method and result by assessing with investment expense, the usage of information system, distribution, security level, safeguard, etc.</description><identifier>ISBN: 1424469422</identifier><identifier>ISBN: 9781424469420</identifier><identifier>EISBN: 9781424469437</identifier><identifier>EISBN: 1424469430</identifier><identifier>EISBN: 1424469414</identifier><identifier>EISBN: 9781424469413</identifier><identifier>DOI: 10.1109/ICITIS.2010.5689486</identifier><language>eng</language><publisher>IEEE</publisher><subject>Economics ; Europe ; initial risk analysis ; Production ; risk analysis ; Risk management ; security</subject><ispartof>2010 IEEE International Conference on Information Theory and Information Security, 2010, p.669-673</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/5689486$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,776,780,785,786,2052,27904,54898</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/5689486$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Jung-Ho Eom</creatorcontrib><creatorcontrib>Young-Hyun Choi</creatorcontrib><creatorcontrib>Seon-Ho Park</creatorcontrib><creatorcontrib>Tai-Myoung Chung</creatorcontrib><title>Qualitative initial risk analysis for selecting risk analysis approach suitable for IT security policy</title><title>2010 IEEE International Conference on Information Theory and Information Security</title><addtitle>ICITIS</addtitle><description>In this paper, we presented a qualitative initial risk analysis for selecting risk analysis approach suitable for security efforts where an organization is really need. An initial risk analysis is important to identify which risk analysis method is appropriate for each information system. If an organization conducts a baseline approach in information system which has very high value and risk, it could be result in significant harm or damage to an organization. In other case, it will be wasted security budget by spending a cost of detailed risk analysis. So, we presented practical qualitative initial risk analysis using matrix scaling method for selecting appropriate approach. Our method applied evaluation items reflecting business process and qualitative asset value. Our method indicates concrete evaluation method and result by assessing with investment expense, the usage of information system, distribution, security level, safeguard, etc.</description><subject>Economics</subject><subject>Europe</subject><subject>initial risk analysis</subject><subject>Production</subject><subject>risk analysis</subject><subject>Risk management</subject><subject>security</subject><isbn>1424469422</isbn><isbn>9781424469420</isbn><isbn>9781424469437</isbn><isbn>1424469430</isbn><isbn>1424469414</isbn><isbn>9781424469413</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2010</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNpdkMtOhEAQRdsYE3XkC2bTP8DYD2hgaYgPkkmMkf2kH9Va2gKhwYS_lzjjxrup1K06d3EJ2XK245xVt03dtM3rTrDVyFVZZaU6I0lVlDwTWaaqTBbn5PpvEeKSJDF-sFW5KKTMr4h_mXXASU_4DRQ7nFAHOmL8pLrTYYkYqe9HGiGAnbB7-3fTwzD22r7TOK8hJsDvd9OugJ1HnBY69AHtckMuvA4RktPckPbhvq2f0v3zY1Pf7VOs2JQqVzgQhfWZYtyy0uZeOWEUAJPWCXDKaMGNKsGYilllCi7L3Bmr5Ip6KTdke4xFADgMI37pcTmcmpE_Pldaww</recordid><startdate>201012</startdate><enddate>201012</enddate><creator>Jung-Ho Eom</creator><creator>Young-Hyun Choi</creator><creator>Seon-Ho Park</creator><creator>Tai-Myoung Chung</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>201012</creationdate><title>Qualitative initial risk analysis for selecting risk analysis approach suitable for IT security policy</title><author>Jung-Ho Eom ; Young-Hyun Choi ; Seon-Ho Park ; Tai-Myoung Chung</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i90t-6d7de27cf4601c08c5f6d2b6ee03cd2ed6ba21b68ebb90c6b71385dbc636d7f33</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2010</creationdate><topic>Economics</topic><topic>Europe</topic><topic>initial risk analysis</topic><topic>Production</topic><topic>risk analysis</topic><topic>Risk management</topic><topic>security</topic><toplevel>online_resources</toplevel><creatorcontrib>Jung-Ho Eom</creatorcontrib><creatorcontrib>Young-Hyun Choi</creatorcontrib><creatorcontrib>Seon-Ho Park</creatorcontrib><creatorcontrib>Tai-Myoung Chung</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Xplore</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Jung-Ho Eom</au><au>Young-Hyun Choi</au><au>Seon-Ho Park</au><au>Tai-Myoung Chung</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Qualitative initial risk analysis for selecting risk analysis approach suitable for IT security policy</atitle><btitle>2010 IEEE International Conference on Information Theory and Information Security</btitle><stitle>ICITIS</stitle><date>2010-12</date><risdate>2010</risdate><spage>669</spage><epage>673</epage><pages>669-673</pages><isbn>1424469422</isbn><isbn>9781424469420</isbn><eisbn>9781424469437</eisbn><eisbn>1424469430</eisbn><eisbn>1424469414</eisbn><eisbn>9781424469413</eisbn><abstract>In this paper, we presented a qualitative initial risk analysis for selecting risk analysis approach suitable for security efforts where an organization is really need. An initial risk analysis is important to identify which risk analysis method is appropriate for each information system. If an organization conducts a baseline approach in information system which has very high value and risk, it could be result in significant harm or damage to an organization. In other case, it will be wasted security budget by spending a cost of detailed risk analysis. So, we presented practical qualitative initial risk analysis using matrix scaling method for selecting appropriate approach. Our method applied evaluation items reflecting business process and qualitative asset value. Our method indicates concrete evaluation method and result by assessing with investment expense, the usage of information system, distribution, security level, safeguard, etc.</abstract><pub>IEEE</pub><doi>10.1109/ICITIS.2010.5689486</doi><tpages>5</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISBN: 1424469422
ispartof 2010 IEEE International Conference on Information Theory and Information Security, 2010, p.669-673
issn
language eng
recordid cdi_ieee_primary_5689486
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Economics
Europe
initial risk analysis
Production
risk analysis
Risk management
security
title Qualitative initial risk analysis for selecting risk analysis approach suitable for IT security policy
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-28T06%3A05%3A06IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Qualitative%20initial%20risk%20analysis%20for%20selecting%20risk%20analysis%20approach%20suitable%20for%20IT%20security%20policy&rft.btitle=2010%20IEEE%20International%20Conference%20on%20Information%20Theory%20and%20Information%20Security&rft.au=Jung-Ho%20Eom&rft.date=2010-12&rft.spage=669&rft.epage=673&rft.pages=669-673&rft.isbn=1424469422&rft.isbn_list=9781424469420&rft_id=info:doi/10.1109/ICITIS.2010.5689486&rft.eisbn=9781424469437&rft.eisbn_list=1424469430&rft.eisbn_list=1424469414&rft.eisbn_list=9781424469413&rft_dat=%3Cieee_6IE%3E5689486%3C/ieee_6IE%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i90t-6d7de27cf4601c08c5f6d2b6ee03cd2ed6ba21b68ebb90c6b71385dbc636d7f33%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=5689486&rfr_iscdi=true