A hybrid model for information security risk assessment

Sami Haji, Qing Tan, Rebeca Soler Costa

Research output: Contribution to journalJournal Articlepeer-review

12 Citations (Scopus)

Abstract

Many industry standards and methodologies were introduced which has brought forth the management of threats assessment and risk management of information assets in a systematic manner. This paper will review and analyze the main processes followed in IT risk management frameworks from the perspective of the threat analysis process using a threat modeling methodology. In this study, the authors propose a new assessment model which shows that systematic threat analysis is an essential element to be considered as an integrated process within IT risk management frameworks. The new proposed model complements and fulfills the gap in the practice of assessing information security risks.

Original languageEnglish
JournalInternational Journal of Advanced Trends in Computer Science and Engineering
Volume8
Issue number1
DOIs
Publication statusPublished - 2019

Keywords

  • Risk Assessment
  • Risk Management
  • Security Assessment Framework
  • Threat Analysis

Fingerprint

Dive into the research topics of 'A hybrid model for information security risk assessment'. Together they form a unique fingerprint.

Cite this