Upload File

a quantitative measurement methodology for calculating risk related to information security

  • Home
  • Documents
  • A Quantitative Measurement Methodology for calculating Risk related to Information Security
prev
next
out of 4
Download A Quantitative Measurement Methodology for calculating Risk related to Information Security

Upload: international-organization-of-scientific-research-iosr

Post on 03-Jun-2018

215 views

Category:

Documents


0 download

Report

TRANSCRIPT

  • 8/12/2019 A Quantitative Measurement Methodology for calculating Risk related to Information Security

    1/4

    IOSR Journal of Computer Engineering (IOSR-JCE)e-ISSN: 2278-0661, p- ISSN: 2278-8727Volume 16, Issue 1, Ver. IX (Feb. 2014), PP 17-20www.iosrjournals.org

    www.iosrjournals.org 17 | Page

    A Quantitative Measurement Methodology for calculating Riskrelated to Information Security.

    Abhishek kumar srivastav 1, Irman Ali 2, Shani Fatema 31,2 M.S in Cyber Law & Information Security

    3 M.Tech in Software Engineering 1,2 Indian Institute of Information Technology, Allahabad ,India

    3SRMSCET, Bareilly, India

    Abstract : Nowadays, technology increases, so the risk related to technology is also increasing. Risk is the possibility of suffering loss. Therefore, we have to adopt some risk management methodology to reduce thenumber of risks. There are many risks are present in the organization. So it is the primary concern in riskmanagement which risk we have to deal with because reducing every risk is not possible in any way. There is

    some risk that is always present, which is known as residual risk. Risk Assessment is the part of risk

    management. In this paper, we are focusing on quantitative approaches for risk assessment related toinformation security. Keyword : Risk, information security, risk assessment, quantitative approach .

    I. Introduction:Information security plays a very important role in any organization even it is non IT organization

    because every organization has some critical and sensitive information and information security is all aboutsecuring the information. The possibility that something could go wrong with information like damage,disclosure, loss, destroy of information is known as risk. Therefore, it is necessary to anticipate and identify allkinds of risk related to information in the organization. Risk management therefore very important for everyorganization.

    Risk Management : The main goal of risk management is to reduce the impact of all types of risk that mightaffect the business information. Risk Management consists of three important activities. Risk Identification Risk Assessment Risk Containment

    1-Risk Identification : risk identification is the process or mechanism of identifying all the dangers andhazards that may affect the business information. It is a procedure of analyzing, reviewing, anticipating all kindsof possible risk. Basically, there are two types of risk

    Systematic Risk Unsystematic Risk

    Systematic Risk: Systematic Risk are those risks that affect the large set of asset. For example a politicalevent may affect several asset in the organization is a type of systematic risk. Systematic risk is also classifiedinto three categories:

    Interest rate risk Market risk Inflationary risk

    Unsystematic risk : unsystematic Risk is those risks that affect a very small set of asset. It is also known asspecific risk . Unsystematic risk is classified into three categories.

    Financial risk Business risk Operational risk

  • 8/12/2019 A Quantitative Measurement Methodology for calculating Risk related to Information Security

    2/4

    A Quantitative Measurement Methodology for calculating Risk related to Information Security.

    www.iosrjournals.org 18 | Page

    2-Risk Assessment: The main goal of risk assessment is to rank or quantify the risk in terms of their damagecausing potential. For risk Assessment each risk should be first classifieds in two ways.

    The probability of the risk coming true. The consequences or impact if the risk becomes true.

    Risk Exposure or Risk Impact can be calculated by the following formula:

    Risk Exposure = Probability * severity

    Where probability is likely or the frequency with which risk becoming true and.Severity is defined as what is theimpact or damage if a particular risk becoming true.

    Risk Assessment Steps: these are the following steps to perform risk assessment Assets characterization Threat identification Vulnerability identification Analysis of safeguarding Frequency or probability determination Impact analysis Determination of risk Safeguard recommendations Documentation of result

    In this paper we are trying to show risk assessment work flow through a diagram. In the followingfigure we are trying to evaluate each step of risk assessment, what are Inputs, and Output of each stage in

    performing risk assessment activities.

  • 8/12/2019 A Quantitative Measurement Methodology for calculating Risk related to Information Security

    3/4

  • 8/12/2019 A Quantitative Measurement Methodology for calculating Risk related to Information Security

    4/4


Advanced Quantitative Research Methodology, Lecture …gking.harvard.edu/files/discov.pdf · Advanced Quantitative Research Methodology, Lecture ... statistics, and data analysis

Development of Methodology for Calculating Estimated Net Price Information … · 2015-08-04 · Development of Methodology for Calculating Estimated Net Price Information for Negotiated

Methodology – Calculating Heat Demand - Highland · Methodology – Calculating Heat Demand ... CIBSE TM46 Significant Point Source ... Nairn Swimming Pool – 1,166,410

Methodology for Calculating National Average Drug ... · Methodology for Calculating the National Average Drug Acquisition Cost (NADAC) for Medicaid Covered Outpatient Drugs. November

A quantitative defense of linguistic methodology

Advanced Quantitative Research Methodology, Lecture

Methodology for Designing Quantitative Roadmaps towards

METHODOLOGY FOR CALCULATING NUTRIENT LOAD REDUCTIONS USING ... · Page 1 of 12 METHODOLOGY FOR CALCULATING NUTRIENT LOAD REDUCTIONS USING THE FSA ASSESSMENT TOOL By Michael Bateman,

Cost Effective Methodology for Reducing and Calculating …infohouse.p2ric.org/ref/28/27027.pdf · COST EFFECTIVE METHODOLOGY FOR REDUCING AND CALCULATING I. ... polyballs balls must

METHODOLOGY Open Access High throughput quantitative

Quantitative vs Qualitative Research. Quantitative Methodology Preference for precise hypothesis stated at the onset. Qualitative Methodology Preference

Draft - Proposed Methodology for Calculating Advisory ...Mar 04, 2003  · Proposed Methodology for Calculating Advisory Human-Exposure-Based Screening Numbers Developed to Aid Estimation

Methodology for calculating the Africa Regional …...Methodology for calculating the Africa Regional Integration Index (A RII) I. Introduction Indices are an aggregated measure that

METHODOLOGY FOR METODOLOGÍA DE CALCULATING THE PRE …

technical principles and methodology for calculating · PDF filetechnical principles and methodology for calculating GHG balances of . ... Technical principles and methodology for

The Production Function Methodology for Calculating Potential Growth Rates

Proposal for a Methodology for calculating the Value of

Methodology in quantitative research

Methodology for quantitative data collection - EUMAGINEeumagine.org/outputs/PP6A Methodology for quantitative data... · Methodology for quantitative data collection Final Version,

Quantitative Genetics - Western Oregon Universityguralnl/311Quantitative Genetics.pdf · Quantitative Genetics • Polygenic inheritance Continuous variation Additive alleles Calculating

Statistics as a methodology for calculating clinical

Methodology Event-specific qualitative and quantitative

3D whole-brain quantitative histopathology: methodology

A METHODOLOGY FOR CALCULATING HYDRAULIC SYSTEM RELIABILITY ...etd.lib.metu.edu.tr/upload/1088954/index.pdf · A METHODOLOGY FOR CALCULATING HYDRAULIC SYSTEM RELIABILITY OF ... A METHODOLOGY

A METHODOLOGY FOR CALCULATING HYDRAULIC SYSTEM …

Deliverable D3.1 Methodology and questionnaire for the ... · Methodology and questionnaire for the quantitative survey . D3.1 Methodology and questionnaire for the quantitative survey

Methodology for Calculating Nutrient Load Reductions Using ... · Methodology for Calculating Nutrient Load Reductions Using the FSA MS4 Load Reduction Assessment Tool June 2019

Methodology for Calculating National Average Drug ......Average Drug Acquisition Cost (NADAC) for Medicaid Covered Outpatient Drugs November 2013 Methodology for Calculating the National

Quantitative Methodology

A methodology for calculating the ABSTRACT of structures

Methodology – Calculating Heat Demand

technical principles and methodology for calculating … · technical principles and methodology for calculating GHG balances of ... Technical principles and methodology for ... basis

Morningstar Quantitative RatingTM for funds Methodology · Morningstar Quantitative Rating ... Methodology Introduction Morningstar has been conducting independent investment research

New methodology for calculating damage variables evolution

Clarification of Methodology for Calculating … 1 CLARIFICATION OF METHODOLOGY FOR CALCULATING POTENTIAL TO EMIT (PTE) FOR BATCH CHEMICAL PRODUCTION OPERATIONS I. BACKGROUND In a