Journal Article10.1201/1086/45098.14.1.20050301/87268.4
Measuring Risk Using Existing Frameworks
Edwin Covert,Fran Nielsen +1 more
4
TL;DR: Risks to IT systems are a function of the likelihood that some threat will attack, or exploit, some vulnerability in the system and a calculation of the potential impact resulting from these attacks or exploitations.
read more
Abstract: This article focuses on risks to information technology (IT) systems. Technically speaking, risk to an IT system is a function of the likelihood that some threat will attack, or exploit, some vulnerability in the system and a calculation of the potential impact resulting from these attacks or exploitations.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Generalized risk assessment index for information systems auditing
D. Peto
- 09 Oct 2006
TL;DR: A numerical index has been created that calculates the simultaneous effects of the risks identified using the COBIT methodology, and allows the enhancement of management decisions on IT-related asset allocation.
4
•Proceedings Article
A Meta-Analysis of Security Risk Theory Literature in IS from 2000-2006
April Adams,Gary F. Templeton,Natalie Campbell +2 more
- 01 Jan 2007
TL;DR: A comprehensive appraisal of the published Security Risk articles in MIS journals over the last 6 years is presented, as well as a discussion on the findings in trends of evolution of the topic.
2
A potential loss of trust as a result of the conflicting messages within information security research
Daniel Oost
- 07 Jun 2010
TL;DR: One implication of emerging (and established) technologies relates to information security researchers' writing on their management and use is a potential loss of trust in information security research.
1
References
•Book
Guide for the Security Certification And Accreditation of Federal Information Systems
Ronald S. Ross
- 31 Dec 2004
TL;DR: This guideline has been prepared for use by federal agencies and is consistent with the requirements of the FISMA, but such standards and guidelines shall not apply to national security systems.
Guide for the Security Certification And Accreditation of Federal Information Systems
Ronald S. Ross
- 31 Dec 2004
36