A new perspective on risk assessment techniques

Proceedings of the 5th International Network Conference, INC 2005

Volumn , Issue , 2005, Pages 227-234

  Smith, E ^a   Eloff, J H P ^b  

^a UNIVERSITY OF SOUTH AFRICA   (South Africa)

^b UNIVERSITY OF PRETORIA   (South Africa)

Author keywords

Calculative risk assessment; Checklist based risk assessment; Fuzzy logic based risk assessment; Heuristicbased risk assessment; Intuitive risk assessment; Risk assessment

Indexed keywords

FUZZY LOGIC; RISK MANAGEMENT;

ASSESSMENT TECHNIQUE; INTEGRAL PART; LEVEL OF DETAIL; SECURITY PLAN;

RISK ASSESSMENT;

EID: 28644437909     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (19)

1. Anderson, A.M. (1991). Comparing risk analysis methodologies. In D.T. Lindsay & W.L. Price (Eds.), Information Security, (pp. 301-311). North-Holland: Elsevier.
2. Carr, V. & Tah, J.H.M. (2001). A fuzzy approach to construction project risk assessment and analysis: construction project risk management system. Advances in Engineering Software. 32: 847-857.
3. Ciechanowicz, Z. (1997). Risk analysis: requirements, conflicts and problems. Computers & Security. 16(3): 223-232. Elsevier Science Ltd.
4. Coles, R.S. & Moulton, R. (2003). Operationalizing IT risk management. Computers & Security. 22(6): 487- 493. Elsevier Science Ltd.
5. Cox, E.D. (1994). The fuzzy systems handbook: A practitioner's guide to building, using and maintaining fuzzy systems. Boston: Academic Press.
6. Edrich, C. (2002). Risk management: here to stay. Cutter IT journal. 15(2): 28-30. USA: Cutter IT J.
7. Finne, T. (2000). Information systems risk management: Key concepts and business processes. Computers & Security. 19(3):234-242. Elsevier Science Ltd.
8. Goseva-Popstojanova, K., Hassan, A., Guedem, A., Abdelmoez, W., Nassar, D.E.M., Ammar, H. & Mili, A. (2003). Architectural-level risk analysis using UML. IEEE Transaction on Software Engineering. 29(10): 946-960. IEEE.
9. Josang, A., Bradley, D. & Knapskog, S.J. (2004). Belief-based risk analysis. In Proceedings of the second workshop on Australasian Information security, Data Mining and Web Intelligence and Software Internationalization 32: 63-86. Australia: Australian Computer Society, Inc.
10. Kosko, B. (1994). Fuzzy thinking. London: Flamingo.
11. May, C. (2002). Risk Management - Practising what we preach. Computer fraud & security. 8: 10-13.
12. Pfleeger, C.P. & Pfleeger, S.L. (2003). Security in Computing. Prentice Hall, Upper Saddle River.
13. Svenson, P. & Sidenbladh, H. (2003). Determining possible avenues of approach using ANTS. In Proceedings of the 6th International Conference on Information Fusion (pp. 516-523). NM, USA: Univ. New Mexico.
14. Sungbaek, C. & Ciechanowicz, Z. (2001). Checklist-based risk analysis with evidential reasoning. In M. Dupuy & P. Paradinas (Eds.), Trusted Information. New decade challenge. Proceedings of the 16th International Information Security Conference. (277-292). MA, USA: Kluwer Academic Publishers.
15. Wright, M. (1999). Third generation risk management practices. Computer Fraud & Security. February: 9-12. Elsevier Science Ltd.
16. Xu, Z., Khoshgoftaar, T.M. & Allen, E.B. (2003). Application of fuzzy expert systems in assessing operational risk of software. Information and Software Technology. 45: 373-388.
17. Yacoub, S.M. & Ammar, H.H. (2002). A methodology for architecture-level reliability risk analysis. IEEE Transactions on Software Engineering. 28(6): 529-547. IEEE.
18. Zadeh, L.A. (1975). The concept of a linguistic variable and its application to approximate reasoning. Information Sciences. 8(3): 199-249 (Part I); 8(4):301-357 (Part II); 9(1): 43-80 (Part III).
19. Zadeh, L.A. (1986). Commonsense reasoning based on fuzzy logic. In Proceedings of the 18th conference on winter simulation. (445-447). New York: ACM Press.