Abstract
Many industry standards and methodologies were introduced which has brought forth the management of threats assessment and risk management of information assets in a systematic manner. This paper will review and analyze the main processes followed in IT risk management frameworks from the perspective of the threat analysis process using a threat modeling methodology. In this study, the authors propose a new assessment model which shows that systematic threat analysis is an essential element to be considered as an integrated process within IT risk management frameworks. The new proposed model complements and fulfills the gap in the practice of assessing information security risks.
Original language | English |
---|---|
Journal | International Journal of Advanced Trends in Computer Science and Engineering |
Volume | 8 |
Issue number | 1 |
DOIs | |
Publication status | Published - 2019 |
Keywords
- Risk Assessment
- Risk Management
- Security Assessment Framework
- Threat Analysis