Information Security Management: ANP Based Approach for Risk Analysis and Decision Making

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F60460709%3A41110%2F16%3A70770" target="_blank" >RIV/60460709:41110/16:70770 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.7160/aol.2016.080102" target="_blank" >http://dx.doi.org/10.7160/aol.2016.080102</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.7160/aol.2016.080102" target="_blank" >10.7160/aol.2016.080102</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Information Security Management: ANP Based Approach for Risk Analysis and Decision Making

Popis výsledku v původním jazyce

In information systems security, the objectives of risk analysis process are to help to identify new threats and vulnerabilities, to estimate their business impact and to provide a dynamic set of tools to control the security level of the information system. The identification of risk factors as well as the estimation of their business impact require tools for assessment of risk with multi-value scales according to different stakeholders’ point of view. Therefore, the purpose of this paper is to model risk analysis decision making problem using semantic network to develop the decision network and the Analytical Network Process (ANP) that allows solving complex problems taking into consideration quantitative and qualitative data. As a decision support technique ANP also measures the dependency among risk factors related to the elicitation of individual judgement. An empirical study involving the Forestry Company is used to illustrate the relevance of ANP.

Název v anglickém jazyce

Information Security Management: ANP Based Approach for Risk Analysis and Decision Making

Popis výsledku anglicky

In information systems security, the objectives of risk analysis process are to help to identify new threats and vulnerabilities, to estimate their business impact and to provide a dynamic set of tools to control the security level of the information system. The identification of risk factors as well as the estimation of their business impact require tools for assessment of risk with multi-value scales according to different stakeholders’ point of view. Therefore, the purpose of this paper is to model risk analysis decision making problem using semantic network to develop the decision network and the Analytical Network Process (ANP) that allows solving complex problems taking into consideration quantitative and qualitative data. As a decision support technique ANP also measures the dependency among risk factors related to the elicitation of individual judgement. An empirical study involving the Forestry Company is used to illustrate the relevance of ANP.

Druh

J_SC - Článek v periodiku v databázi SCOPUS

CEP obor

—

OECD FORD obor

10103 - Statistics and probability

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2016

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

AGRIS on-line Papers in Economics and Informatics

ISSN

1804-1930

e-ISSN

—

Svazek periodika

8

Číslo periodika v rámci svazku

1

Stát vydavatele periodika

CZ - Česká republika

Počet stran výsledku

11

Strana od-do

13-23

Kód UT WoS článku

—

EID výsledku v databázi Scopus

2-s2.0-84963811373