Does traditional security risk assessment have a future in information security?

Ruighaver, A. B., Warren, M. and Ahmad, A. 2011, Does traditional security risk assessment have a future in information security?, Journal of information warfare, vol. 10, no. 3, pp. 16-28.

Attached Files
Name Description MIMEType Size Downloads

Title Does traditional security risk assessment have a future in information security?
Author(s) Ruighaver, A. B.
Warren, M.
Ahmad, A.
Journal name Journal of information warfare
Volume number 10
Issue number 3
Start page 16
End page 28
Total pages 13
Publisher Mindsystems Pty. Ltd.
Place of publication Mt. Eliza, Vic.
Publication date 2011
ISSN 1445-3312
1445-3347
Keyword(s) information security
risk management
security assessment
security requirements
Summary The current information security standards still advocate the use of risk assessment in the prioritisation of security investments. However, prior research on the use of risk assessment methodologies in organisational security has shown that the use of the traditional monolithic risk assessment process described in the current risk management standard is simply not practical at the organisational level. This paper first examines the problems in performing a systematic risk assessment and then discusses the limitations of a traditional risk assessment. To address these limitations, this paper proposes splitting up the current monolithic risk assessment process. The result is an information security assessment framework that puts greater emphasis on situational awareness and allows for better decision making on the prioritization of security investments.
Language eng
Field of Research 080699 Information Systems not elsewhere classified
Socio Economic Objective 890399 Information Services not elsewhere classified
HERDC Research category C1.1 Refereed article in a scholarly journal
HERDC collection year 2011
Persistent URL http://hdl.handle.net/10536/DRO/DU:30049947

Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Versions
Version Filter Type
Access Statistics: 88 Abstract Views, 3 File Downloads  -  Detailed Statistics
Created: Wed, 19 Dec 2012, 10:12:11 EST by Beatrice Fitzgerald

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.