Practical Methods for Information Security Risk Management
Cristian Amancei
Informatica Economica, 2011, vol. 15, issue 1, 151-159
Abstract:
The purpose of this paper is to present some directions to perform the risk management for information security. The article follows two practical methods, through a questionnaire that assesses the internal control, and through evaluation based on existing controls as part of vulnerability assessment. The methods presented contain all the key elements that concur in risk management, through the elements proposed for the evaluation questionnaire, list of threats, resource classification and evaluation, correlation between risks and controls and residual risk computation.
Keywords: Risk Management; Threats; Vulnerabilities; Information Security
Date: 2011
Downloads:
http://www.revistaie.ase.ro/content/57/13%20-%20Amancei.pdf (application/pdf)
Persistent link: https://EconPapers.repec.org/RePEc:aes:infoec:v:15:y:2011:i:1:p:151-159
Informatica Economica is currently edited by Ion Ivan
More articles in Informatica Economica from Academy of Economic Studies - Bucharest, Romania
Bibliographic data for series maintained by Paul Pocatilu.