A hybrid model for information security risk assessment

Sami Haji, Qing Tan, Rebeca Soler Costa

Research output: Contribution to journalJournal Articlepeer-review

12 Citations (Scopus)


Many industry standards and methodologies were introduced which has brought forth the management of threats assessment and risk management of information assets in a systematic manner. This paper will review and analyze the main processes followed in IT risk management frameworks from the perspective of the threat analysis process using a threat modeling methodology. In this study, the authors propose a new assessment model which shows that systematic threat analysis is an essential element to be considered as an integrated process within IT risk management frameworks. The new proposed model complements and fulfills the gap in the practice of assessing information security risks.

Original languageEnglish
JournalInternational Journal of Advanced Trends in Computer Science and Engineering
Issue number1
Publication statusPublished - 2019


  • Risk Assessment
  • Risk Management
  • Security Assessment Framework
  • Threat Analysis


Dive into the research topics of 'A hybrid model for information security risk assessment'. Together they form a unique fingerprint.

Cite this