RROI analysis in assessing risk of open source software in organization: a case study in Malaysia
This paper describes the process of assessing risk for open source software in an organization. The process starts with identification of internal and external risk in an organization. Then, the potential of proactively securing organization’s system will be analyzed before the threat arises. Risk-b...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Akademia Baru
2017
|
| Subjects: | |
| Online Access: | https://repo.uum.edu.my/id/eprint/25857/1/ARBMS%208%201%202017%2066%2075.pdf |
| Summary: | This paper describes the process of assessing risk for open source software in an organization. The process starts with identification of internal and external risk in an organization. Then, the potential of proactively securing organization’s system will be analyzed before the threat arises. Risk-based return on investment analysis is used to measures the effectiveness on how the organization uses the resources to proactively
reducing the risk. It involve the steps of quantifying the cost of resources in one particular place to accommodate the mitigation plan. Further, the result will be compared to the cost of resources in all places in case of reactive effort. Finding shows that effort to proactively secure company from threats by using antivirus should be conducted with estimation of calculated risk-based return on investment is more than 1820%. |
|---|