In this study, we adopt the structure behavior coalescence methodology to construct an architecture-oriented information security risk assessment model (AOISRAM), which integrates the structure and behavior of the risk assessment model. AOISRAM solves many difficulties caused by the process-oriented approach to information security risk assessment in ISO 27001:2005, such as uneven distribution of resources, poor safety performance, and high risk. From the structure behavior coalescence diagram, we find that the information security consultant and the project manager are the key roles for the success of the risk assessment. The feedback mechanism in the enterprise is essential for reporting and responding to incidents in order to reduce risk. This research yields a beneficial model and knowledge for information security risk assessment. This result may be valuable for business and academic circles to follow and reference.