 A multidimensional approach to information security risk management using FMEA and fuzzy theoryMaisa Mendonça Silva, Ana Paula Henriques de Gusmão, Thiago Poleto, Lúcio Camara e Silva and Ana Paula Cabral Seixas Costa International Journal of Information Management, 2014, vol. 34, issue 6, 733-740 Abstract: Because of the evolution and widespread use of the Internet, organisations are becoming more susceptible to attacks on Information Technology Systems. These attacks result in data losses and alterations, and impact services and business operations. Therefore, to minimise these potential failures, this paper presents an approach to information security risk management, encompassing Failure Mode and Effects Analysis (FMEA) and fuzzy theory. This approach analyses five dimensions of information security: access to information and systems, communication security, infrastructure, security management and secure information systems development. To illustrate the proposed model, it was applied to a University Research Group project. The results show that the most important aspects of information security risk are communication security, followed by infrastructure. Keywords: Information security; Risk management; FMEA; Fuzzy theory (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:eee:ininma:v:34:y:2014:i:6:p:733-740 DOI: 10.1016/j.ijinfomgt.2014.07.005 Access Statistics for this article International Journal of Information Management is currently edited by Yogesh K. Dwivedi More articles in International Journal of Information Management from Elsevier |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.