A comprehensive framework for comparing system security risk assessment methods

Tianxi Dong, Surya B. Yadav

Research output: Contribution to conferencePaper

1 Scopus citations

Abstract

With the increasing importance of system security risk assessment, a number of system security risk assessment methods or models have already appeared and more are emerging every day. Therefore it is difficult for organizations to select a method that best suits their requirements. The difficulty of selection drives the need toward a comparative framework to evaluate system security risk assessment methods. In the underlying research-in-progress paper we propose a comprehensive framework for comparing system security assessment methods. Unlike most of the existing comparative framework, the proposed framework covers the whole process of system security risk assessment based on the evaluation criteria of completeness and effectiveness. In our future research, three current system security risk assessment methods will be evaluated using the proposed comparative framework. This framework will highlight the strengths and weaknesses of the methods compared.

Original languageEnglish
StatePublished - 2014
Event20th Americas Conference on Information Systems, AMCIS 2014 - Savannah, GA, United States
Duration: Aug 7 2014Aug 9 2014

Conference

Conference20th Americas Conference on Information Systems, AMCIS 2014
CountryUnited States
CitySavannah, GA
Period08/7/1408/9/14

Keywords

  • Comparative framework
  • SSR assessment method
  • System security risk assessment

Fingerprint Dive into the research topics of 'A comprehensive framework for comparing system security risk assessment methods'. Together they form a unique fingerprint.

  • Cite this

    Dong, T., & Yadav, S. B. (2014). A comprehensive framework for comparing system security risk assessment methods. Paper presented at 20th Americas Conference on Information Systems, AMCIS 2014, Savannah, GA, United States.