Asset Valuation Method for Dependent Entities
Asset analysis and valuation are important parts of the information security risk management. Outputs they produce are used in the process of risk analysis that plays a key role in securing organi-zation's business processes. A correct analysis and valuation of assets should reveal not only the...
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Journal Article |
| Language: | English |
| Published: |
2017
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/83343 http://hdl.handle.net/10220/42540 http://isyou.info/jisis/vol4/no3/5.htm |
| _version_ | 1811679065769246720 |
|---|---|
| author | Breier, Jakub |
| author2 | School of Physical and Mathematical Sciences |
| author_facet | School of Physical and Mathematical Sciences Breier, Jakub |
| author_sort | Breier, Jakub |
| collection | NTU |
| description | Asset analysis and valuation are important parts of the information security risk management. Outputs they produce are used in the process of risk analysis that plays a key role in securing organi-zation's business processes. A correct analysis and valuation of assets should reveal not only their importance for the organization, but also their relationships and dependencies between each other. There is a lack of works considering asset dependencies for the risk management purposes, this part is usually left for a subjective perception of a risk analyst, who should adjust the risk values in the end. In our work we propose a systematic approach for including asset dependencies in the asset valuation process. We inspect the relations between assets from the common security attributes point of view-confidentiality, integrity and availability. Our method should help to formalize the problem with dependent entities in the organization's model. |
| first_indexed | 2024-10-01T03:03:14Z |
| format | Journal Article |
| id | ntu-10356/83343 |
| institution | Nanyang Technological University |
| language | English |
| last_indexed | 2024-10-01T03:03:14Z |
| publishDate | 2017 |
| record_format | dspace |
| spelling | ntu-10356/833432020-09-26T22:16:44Z Asset Valuation Method for Dependent Entities Breier, Jakub School of Physical and Mathematical Sciences Temasek Laboratories information security risk management risk analysis Asset analysis and valuation are important parts of the information security risk management. Outputs they produce are used in the process of risk analysis that plays a key role in securing organi-zation's business processes. A correct analysis and valuation of assets should reveal not only their importance for the organization, but also their relationships and dependencies between each other. There is a lack of works considering asset dependencies for the risk management purposes, this part is usually left for a subjective perception of a risk analyst, who should adjust the risk values in the end. In our work we propose a systematic approach for including asset dependencies in the asset valuation process. We inspect the relations between assets from the common security attributes point of view-confidentiality, integrity and availability. Our method should help to formalize the problem with dependent entities in the organization's model. Published version 2017-05-31T07:55:04Z 2019-12-06T15:20:23Z 2017-05-31T07:55:04Z 2019-12-06T15:20:23Z 2014 Journal Article Breier, J. (2014). Asset Valuation Method for Dependent Entities. Journal of Internet Services and Information Security, 4(3), 72-81. 2182-2069 https://hdl.handle.net/10356/83343 http://hdl.handle.net/10220/42540 http://isyou.info/jisis/vol4/no3/5.htm en Journal of Internet Services and Information Security © 2014 The Author(s). This is the author created version of a work that has been peer reviewed and accepted for publication in Journal of Internet Services and Information Security, published by Innovative Information Science & Technology Research Group (ISYOU) AND Institute of Engineering - Polytechnic of Porto (ISEP/IPP) on behalf of The Author(s). It incorporates referee’s comments but changes resulting from the publishing process, such as copyediting, structural formatting, may not be reflected in this document. The published version is available at: [http://isyou.info/jisis/vol4/no3/5.htm]. 10 p. application/pdf |
| spellingShingle | information security risk management risk analysis Breier, Jakub Asset Valuation Method for Dependent Entities |
| title | Asset Valuation Method for Dependent Entities |
| title_full | Asset Valuation Method for Dependent Entities |
| title_fullStr | Asset Valuation Method for Dependent Entities |
| title_full_unstemmed | Asset Valuation Method for Dependent Entities |
| title_short | Asset Valuation Method for Dependent Entities |
| title_sort | asset valuation method for dependent entities |
| topic | information security risk management risk analysis |
| url | https://hdl.handle.net/10356/83343 http://hdl.handle.net/10220/42540 http://isyou.info/jisis/vol4/no3/5.htm |
| work_keys_str_mv | AT breierjakub assetvaluationmethodfordependententities |