A conceptual framework of info structure for information security risk assessment (ISRA)
Information security has become a vital entity to most organizations today due to current trends in information transfer through a borderless and vulnerable world. The concern and interest in information security is mainly due to the fact that information security risk assessment (ISRA) is a vita...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | en |
| Published: |
Elsevier
2013
|
| Subjects: | |
| Online Access: | http://eprints.uthm.edu.my/8090/1/J4184_fecbfe8dd3d86e47930e20d1eb443870.pdf http://eprints.uthm.edu.my/8090/ http://dx.doi.org/10.1016/j.jisa.2013.07.002 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1833418566637977600 |
|---|---|
| author | Shamala, Palaniappan Ahmad, Rabiah Yusoff, Mariana |
| author_facet | Shamala, Palaniappan Ahmad, Rabiah Yusoff, Mariana |
| author_sort | Shamala, Palaniappan |
| building | UTHM Library |
| collection | Institutional Repository |
| content_provider | Universiti Tun Hussein Onn Malaysia |
| content_source | UTHM Institutional Repository |
| continent | Asia |
| country | Malaysia |
| description | Information security has become a vital entity to most organizations today due to current
trends in information transfer through a borderless and vulnerable world. The concern and
interest in information security is mainly due to the fact that information security risk
assessment (ISRA) is a vital method to not only to identify and prioritize information assets
but also to identify and monitor the specific threats that an organization induces; especially
the chances of these threats occurring and their impact on the respective businesses.
However, organizations wanting to conduct risk assessment may face problems in selecting
suitable methods that would augur well in meeting their needs. This is due to the existence of
numerous methodologies that are readily available. However, there is a lack in agreed
reference benchmarking as well as in the comparative framework for evaluating these ISRA
methods to access the information security risk. Generally, organizations will choose the
most appropriate ISRA method by carrying out a comparative study between the available
methodologies in detail before a suitable method is selected to conduct the risk assessment.
This paper suggests a conceptual framework of info-structure for ISRA that was developed by
comparing and analysing six methodologies which are currently available. The info�structure for ISRA aims to assist organizations in getting a general view of ISRA flow, gath�ering information on the requirements to be met before risk assessment can be conducted
successfully. This info-structure can be conveniently used by organizations to complete all
the required planning as well as the selection of suitable methods to complete the ISRA. |
| format | Article |
| id | my.uthm.eprints-8090 |
| institution | Universiti Tun Hussein Onn Malaysia |
| language | en |
| publishDate | 2013 |
| publisher | Elsevier |
| record_format | eprints |
| spelling | my.uthm.eprints-80902022-12-06T02:58:22Z http://eprints.uthm.edu.my/8090/ A conceptual framework of info structure for information security risk assessment (ISRA) Shamala, Palaniappan Ahmad, Rabiah Yusoff, Mariana T Technology (General) Information security has become a vital entity to most organizations today due to current trends in information transfer through a borderless and vulnerable world. The concern and interest in information security is mainly due to the fact that information security risk assessment (ISRA) is a vital method to not only to identify and prioritize information assets but also to identify and monitor the specific threats that an organization induces; especially the chances of these threats occurring and their impact on the respective businesses. However, organizations wanting to conduct risk assessment may face problems in selecting suitable methods that would augur well in meeting their needs. This is due to the existence of numerous methodologies that are readily available. However, there is a lack in agreed reference benchmarking as well as in the comparative framework for evaluating these ISRA methods to access the information security risk. Generally, organizations will choose the most appropriate ISRA method by carrying out a comparative study between the available methodologies in detail before a suitable method is selected to conduct the risk assessment. This paper suggests a conceptual framework of info-structure for ISRA that was developed by comparing and analysing six methodologies which are currently available. The info�structure for ISRA aims to assist organizations in getting a general view of ISRA flow, gath�ering information on the requirements to be met before risk assessment can be conducted successfully. This info-structure can be conveniently used by organizations to complete all the required planning as well as the selection of suitable methods to complete the ISRA. Elsevier 2013 Article PeerReviewed text en http://eprints.uthm.edu.my/8090/1/J4184_fecbfe8dd3d86e47930e20d1eb443870.pdf Shamala, Palaniappan and Ahmad, Rabiah and Yusoff, Mariana (2013) A conceptual framework of info structure for information security risk assessment (ISRA). Journal Of Information Security And Applications, 18. pp. 45-52. http://dx.doi.org/10.1016/j.jisa.2013.07.002 |
| spellingShingle | T Technology (General) Shamala, Palaniappan Ahmad, Rabiah Yusoff, Mariana A conceptual framework of info structure for information security risk assessment (ISRA) |
| title | A conceptual framework of info structure for
information security risk assessment (ISRA) |
| title_full | A conceptual framework of info structure for
information security risk assessment (ISRA) |
| title_fullStr | A conceptual framework of info structure for
information security risk assessment (ISRA) |
| title_full_unstemmed | A conceptual framework of info structure for
information security risk assessment (ISRA) |
| title_short | A conceptual framework of info structure for
information security risk assessment (ISRA) |
| title_sort | conceptual framework of info structure for
information security risk assessment (isra) |
| topic | T Technology (General) |
| url | http://eprints.uthm.edu.my/8090/1/J4184_fecbfe8dd3d86e47930e20d1eb443870.pdf http://eprints.uthm.edu.my/8090/ http://dx.doi.org/10.1016/j.jisa.2013.07.002 |
| url_provider | http://eprints.uthm.edu.my/ |