Practical Methods for Information Security Risk Management
The purpose of this paper is to present some directions to perform the risk man-agement for information security. The article follows to practical methods through question-naire that asses the internal control, and through evaluation based on existing controls as part of vulnerability assessment. Th...
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Inforec Association
2011-01-01
|
| Series: | Informatică economică |
| Subjects: | |
| Online Access: | http://www.revistaie.ase.ro/content/57/13%20-%20Amancei.pdf |
| _version_ | 1818067043099869184 |
|---|---|
| author | Cristian AMANCEI |
| author_facet | Cristian AMANCEI |
| author_sort | Cristian AMANCEI |
| collection | DOAJ |
| description | The purpose of this paper is to present some directions to perform the risk man-agement for information security. The article follows to practical methods through question-naire that asses the internal control, and through evaluation based on existing controls as part of vulnerability assessment. The methods presented contains all the key elements that concurs in risk management, through the elements proposed for evaluation questionnaire, list of threats, resource classification and evaluation, correlation between risks and controls and residual risk computation. |
| first_indexed | 2024-12-10T15:17:24Z |
| format | Article |
| id | doaj.art-13c5c77f151d48ca91c628a37af70b3c |
| institution | Directory Open Access Journal |
| issn | 1453-1305 1842-8088 |
| language | English |
| last_indexed | 2024-12-10T15:17:24Z |
| publishDate | 2011-01-01 |
| publisher | Inforec Association |
| record_format | Article |
| series | Informatică economică |
| spelling | doaj.art-13c5c77f151d48ca91c628a37af70b3c2022-12-22T01:43:45ZengInforec AssociationInformatică economică1453-13051842-80882011-01-01151151159Practical Methods for Information Security Risk ManagementCristian AMANCEIThe purpose of this paper is to present some directions to perform the risk man-agement for information security. The article follows to practical methods through question-naire that asses the internal control, and through evaluation based on existing controls as part of vulnerability assessment. The methods presented contains all the key elements that concurs in risk management, through the elements proposed for evaluation questionnaire, list of threats, resource classification and evaluation, correlation between risks and controls and residual risk computation.http://www.revistaie.ase.ro/content/57/13%20-%20Amancei.pdfRisk ManagementThreatsVulnerabilitiesInformation Security |
| spellingShingle | Cristian AMANCEI Practical Methods for Information Security Risk Management Informatică economică Risk Management Threats Vulnerabilities Information Security |
| title | Practical Methods for Information Security Risk Management |
| title_full | Practical Methods for Information Security Risk Management |
| title_fullStr | Practical Methods for Information Security Risk Management |
| title_full_unstemmed | Practical Methods for Information Security Risk Management |
| title_short | Practical Methods for Information Security Risk Management |
| title_sort | practical methods for information security risk management |
| topic | Risk Management Threats Vulnerabilities Information Security |
| url | http://www.revistaie.ase.ro/content/57/13%20-%20Amancei.pdf |
| work_keys_str_mv | AT cristianamancei practicalmethodsforinformationsecurityriskmanagement |