Fuzzy logic, neural networks, and soft computing
Communications of the ACM
The economics of information security investment
ACM Transactions on Information and System Security (TISSEC)
Rule Based Expert Systems: The Mycin Experiments of the Stanford Heuristic Programming Project (The Addison-Wesley series in artificial intelligence)
Security Metrics: Replacing Fear, Uncertainty, and Doubt
Security Metrics: Replacing Fear, Uncertainty, and Doubt
The BT Risk Cockpit --- a visual approach to ORM
BT Technology Journal
Optimized enterprise risk management
IBM Systems Journal
Security risk management using internal controls
Proceedings of the first ACM workshop on Information security governance
Hi-index | 0.00 |
We describe a risk-metric framework that supports enterprise risk management. At the core of the framework is the notion of a risk profile that provides risk measurement for risk elements. By providing a generic template in which metrics can be codified in terms of metric space operators, risk profiles can be used to construct a variety of risk measures for different business contexts. These measures can vary from conventional economic risk calculations to the kinds of metrics that are used by decision support systems, such as those supporting inexact reasoning and that are considered to closely match how humans combine information.