 STORM-RM: a collaborative and multicriteria risk management methodologyTheodoros Ntouskas and Nineta Polemi International Journal of Multicriteria Decision Making, 2012, vol. 2, issue 2, 159-177 Abstract: Risk management (RM) is a necessary process in order to identify, categorise and handle security threats, vulnerabilities and risks of information and communication systems (ICS). Existing RM methodologies for the implementation of standards impose various barriers (e.g., limitation in knowledge gathering, time and resources consumption, and cost) which make them unable to meet the growing needs of the current distributed and complex ICS and their hosting critical data and services. Identifying these weaknesses, we treat RM as a multi-criteria problem and we propose a multi-criteria group decision making methodology STORM-RM for its solution combining the analytic hierarchy process (AHP) with security management standards (ISO27001 and AS/NZS 4360). Keywords: risk management; STORM-RM; analytical hierarchy process; AHP; multicriteria decision making; MCDM; collaboration; methodology; group decision making; security management standards. (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:ids:ijmcdm:v:2:y:2012:i:2:p:159-177 Access Statistics for this article More articles in International Journal of Multicriteria Decision Making from Inderscience Enterprises Ltd |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.