Name
Abstract | ||
|---|---|---|
Regulatory frameworks and economic pressure demand decision makers to define mitigation strategies for their operational IT risks. However, recent studies indicate the lack of IS knowledge at the management level is one reason for inadequate or nonexistent IS risk management strategies because existing approaches fall short of meeting decision makers' needs. This paper presents the FORISK project that provides a new approach to support decision makers in interactively defining the optimal set of resilient measures and security controls according to regulations and standards. FORISK addresses three essential, yet unsolved research problems: (i) the formal representation of IS standards and domain knowledge, (ii) the reliable risk determination, (iii) and the (semi-)automated countermeasure definition. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1109/DSNW.2013.6615533 | Dependable Systems and Networks Workshop |
Keywords | Field | DocType |
information systems,risk management,security of data,forisk project,is knowledge,is risk management strategies,is standards,compliance management,domain knowledge,economic pressure,information security risk formalization,mitigation strategies,operational it risks,regulatory frameworks,reliable risk determination,security controls,semiautomated countermeasure definition,information security,resilience management,semantic technolgies,organizations | Risk management framework,Computer science,Risk analysis (business),Risk analysis (engineering),IT risk,Information security management,Risk management,IT risk management,Security information and event management,Security management | Conference |
ISSN | Citations | PageRank |
2325-6648 | 5 | 0.45 |
References | Authors | |
6 | 4 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Stefan Fenz | 1 | 5 | 0.45 |
| Thomas Neubauer | 2 | 50 | 4.22 |
| Rafael Accorsi | 3 | 5 | 1.13 |
| Thomas G. Koslowski | 4 | 5 | 0.45 |