A model to Prioritizing Organizational Information security risks using by Fuzzy AHP and Bayesian Networks in the banking industry
Risk is inherent and inseparable part of life and business. Always uncertainty condition arising from incomplete information and data or ungovernable variables, associated with opportunities and threats.Nowadays many organizations and companies have relied heavily on information systems and informat...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | fas |
Published: |
Allameh Tabataba'i University Press
2015-06-01
|
Series: | Muṭāli̒āt-i Mudīriyyat-i Ṣan̒atī |
Subjects: | |
Online Access: | https://jims.atu.ac.ir/article_1322_486ae91563d0ce54e0433828f1dda20c.pdf |
_version_ | 1797367665486987264 |
---|---|
author | Reza Yousefi Zenouz Akbar Hassanpoor Parisa Mousavi |
author_facet | Reza Yousefi Zenouz Akbar Hassanpoor Parisa Mousavi |
author_sort | Reza Yousefi Zenouz |
collection | DOAJ |
description | Risk is inherent and inseparable part of life and business. Always uncertainty condition arising from incomplete information and data or ungovernable variables, associated with opportunities and threats.Nowadays many organizations and companies have relied heavily on information systems and information security management has transformed to an important organizational topics. And due to the fact that the use of information systems security may be created some risks, an effective risk management process, will result in a successful security program. Risk management includes risk identification process, risk assessment and risk-reduction efforts to acceptable levels. The objective of this research is to prioritize information security risks, in order to provide a mechanism to enhance the security of enterprise information. To this end, a model has been presented for organizational information security risk assessment using the fuzzy AHP and Bayesian networks. In the assessment process, risks impact by fuzzy AHP and risks probability by Bayesian networks have calculated and finally The risks Prioritized. The findings suggest In the case study, the risk of lack of knowledge and lack of proper training in the field of information security, have the highest priority and attention is needed most |
first_indexed | 2024-03-08T17:21:31Z |
format | Article |
id | doaj.art-28fcc43f09944629877e704b11e4c14e |
institution | Directory Open Access Journal |
issn | 2251-8029 2476-602X |
language | fas |
last_indexed | 2024-03-08T17:21:31Z |
publishDate | 2015-06-01 |
publisher | Allameh Tabataba'i University Press |
record_format | Article |
series | Muṭāli̒āt-i Mudīriyyat-i Ṣan̒atī |
spelling | doaj.art-28fcc43f09944629877e704b11e4c14e2024-01-03T04:44:06ZfasAllameh Tabataba'i University PressMuṭāli̒āt-i Mudīriyyat-i Ṣan̒atī2251-80292476-602X2015-06-0113371611851322A model to Prioritizing Organizational Information security risks using by Fuzzy AHP and Bayesian Networks in the banking industryReza Yousefi Zenouz0Akbar Hassanpoor1Parisa Mousavi2استادیار گروه مدیریت دانشگاه خوارزمیاستادیار گروه مدیریت دانشگاه خوارزمیکارشناسی ارشد مدیریت فناوری اطلاعات دانشگاه خوارزمیRisk is inherent and inseparable part of life and business. Always uncertainty condition arising from incomplete information and data or ungovernable variables, associated with opportunities and threats.Nowadays many organizations and companies have relied heavily on information systems and information security management has transformed to an important organizational topics. And due to the fact that the use of information systems security may be created some risks, an effective risk management process, will result in a successful security program. Risk management includes risk identification process, risk assessment and risk-reduction efforts to acceptable levels. The objective of this research is to prioritize information security risks, in order to provide a mechanism to enhance the security of enterprise information. To this end, a model has been presented for organizational information security risk assessment using the fuzzy AHP and Bayesian networks. In the assessment process, risks impact by fuzzy AHP and risks probability by Bayesian networks have calculated and finally The risks Prioritized. The findings suggest In the case study, the risk of lack of knowledge and lack of proper training in the field of information security, have the highest priority and attention is needed mosthttps://jims.atu.ac.ir/article_1322_486ae91563d0ce54e0433828f1dda20c.pdf: information securityriskrisk managementahp fuzzybayesian networks |
spellingShingle | Reza Yousefi Zenouz Akbar Hassanpoor Parisa Mousavi A model to Prioritizing Organizational Information security risks using by Fuzzy AHP and Bayesian Networks in the banking industry Muṭāli̒āt-i Mudīriyyat-i Ṣan̒atī : information security risk risk management ahp fuzzy bayesian networks |
title | A model to Prioritizing Organizational Information security risks using by Fuzzy AHP and Bayesian Networks in the banking industry |
title_full | A model to Prioritizing Organizational Information security risks using by Fuzzy AHP and Bayesian Networks in the banking industry |
title_fullStr | A model to Prioritizing Organizational Information security risks using by Fuzzy AHP and Bayesian Networks in the banking industry |
title_full_unstemmed | A model to Prioritizing Organizational Information security risks using by Fuzzy AHP and Bayesian Networks in the banking industry |
title_short | A model to Prioritizing Organizational Information security risks using by Fuzzy AHP and Bayesian Networks in the banking industry |
title_sort | model to prioritizing organizational information security risks using by fuzzy ahp and bayesian networks in the banking industry |
topic | : information security risk risk management ahp fuzzy bayesian networks |
url | https://jims.atu.ac.ir/article_1322_486ae91563d0ce54e0433828f1dda20c.pdf |
work_keys_str_mv | AT rezayousefizenouz amodeltoprioritizingorganizationalinformationsecurityrisksusingbyfuzzyahpandbayesiannetworksinthebankingindustry AT akbarhassanpoor amodeltoprioritizingorganizationalinformationsecurityrisksusingbyfuzzyahpandbayesiannetworksinthebankingindustry AT parisamousavi amodeltoprioritizingorganizationalinformationsecurityrisksusingbyfuzzyahpandbayesiannetworksinthebankingindustry AT rezayousefizenouz modeltoprioritizingorganizationalinformationsecurityrisksusingbyfuzzyahpandbayesiannetworksinthebankingindustry AT akbarhassanpoor modeltoprioritizingorganizationalinformationsecurityrisksusingbyfuzzyahpandbayesiannetworksinthebankingindustry AT parisamousavi modeltoprioritizingorganizationalinformationsecurityrisksusingbyfuzzyahpandbayesiannetworksinthebankingindustry |