The Fallacies of Information Security Risk Analysis

Master's === Tamkang University === Master's Program, Department of Information Management === 93 === Risk assessment is a critical step before performing information security management. Usually, risk is a subjective judgment, hence qualitative risk analysis methods are widely used for risk assessment. However, important information assets are often omitted...


Bibliographic Details
Main Authors: Kuan-Chang Chen, 陳冠彰
Other Authors: Te-Chao Liang
Format: Others
Language: zh-TW
Published: 2005
Online Access: http://ndltd.ncl.edu.tw/handle/30985264143993682867
id ndltd-TW-093TKU05396006
record_format oai_dc
spelling ndltd-TW-093TKU05396006 2015-10-13T11:57:25Z http://ndltd.ncl.edu.tw/handle/30985264143993682867 The Fallacies of Information Security Risk Analysis 論資訊安全風險分析之謬誤 Kuan-Chang Chen 陳冠彰 Master's Tamkang University Master's Program, Department of Information Management 93 Te-Chao Liang 梁德昭 2005 degree thesis ; thesis 58 zh-TW
collection NDLTD
language zh-TW
format Others
sources NDLTD
description Master's === Tamkang University === Master's Program, Department of Information Management === 93 === Risk assessment is a critical step before performing information security management. Usually, risk is a subjective judgment, hence qualitative risk analysis methods are widely used for risk assessment. However, important information assets are often omitted when using many popular risk analysis methods. For this reason, this thesis points out the problems in using qualitative risk analysis methods, especially regarding the rationality of asset calculation and the rank reversal phenomenon. The cautions to observe when using qualitative risk analysis methods are then addressed. Furthermore, the most commonly referenced international standards and guides are reviewed. Suggestions for using those methods are also proposed.