Information Security Risk Analysis

Curriculum development related to information security policies and procedures

InfoSecCD '05 Proceedings of the 2nd annual conference on Information security curriculum development

A tentative proposal: improving information assurance risk analysis models for small- and medium-sized enterprises through adoption of an open development model

InfoSecCD '06 Proceedings of the 3rd annual conference on Information security curriculum development

Threats and countermeasures for information system security: A cross-industry study

Information and Management

A taxonomy of intrusion response systems

International Journal of Information and Computer Security

A new assessment and improvement model of risk propagation in information security

International Journal of Information and Computer Security

Human factors in software security risk management

Proceedings of the first international workshop on Leadership and management in software architecture

Teaching network risk assessment to online graduate students

Proceedings of the 4th annual conference on Information security curriculum development

Multiobjective decision support for defining secure business processes: a case study

International Journal of Business Intelligence and Data Mining

Ontological Vulnerability Assessment

WISE '08 Proceedings of the 2008 international workshops on Web Information Systems Engineering

Guidelines for secure software development

Proceedings of the 2008 annual research conference of the South African Institute of Computer Scientists and Information Technologists on IT research in developing countries: riding the wave of technology

Towards a knowledge-sharing approach for Information Security Risk Management

Proceedings of the 2008 conference on Knowledge-Based Software Engineering: Proceedings of the Eighth Joint Conference on Knowledge-Based Software Engineering

IT security analysis best practices and formal approaches

Foundations of security analysis and design IV

A calculus for the qualitative risk assessment of policy override authorization

Proceedings of the 3rd international conference on Security of information and networks

A quantitative methodology for information security control gap analysis

Proceedings of the 2011 International Conference on Communication, Computing & Security

An information systems security risk assessment model under uncertain environment

Applied Soft Computing

Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness

MIS Quarterly

A hybrid information security risk assessment procedure considering interdependences between controls

Expert Systems with Applications: An International Journal

Factors influencing information security management in small- and medium-sized enterprises: A case study from Turkey

International Journal of Information Management: The Journal for Information Professionals

An economic modelling approach to information security risk management

International Journal of Information Management: The Journal for Information Professionals

E-Voting Risk Assessment: A Threat Tree for Direct Recording Electronic Systems

International Journal of Information Security and Privacy

A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis

Information Sciences: an International Journal