IRTUM – Institutional Repository of the Technical University of Moldova

Methodology and algorithm of information security risk management for local infrastructure

Show simple item record

dc.contributor.author BULAI, Rodica
dc.contributor.author CIORBĂ, Dumitru
dc.contributor.author POȘTARU, Andrei
dc.contributor.author CĂLIN, Rostislav
dc.date.accessioned 2022-01-29T09:25:42Z
dc.date.available 2022-01-29T09:25:42Z
dc.date.issued 2018
dc.identifier.citation BULAI, Rodica, CIORBĂ, Dumitru, POȘTARU, Andrei et al. Methodology and algorithm of information security risk management for local infrastructure. In: Central and Eastern European EDem and EGov Days, 2018, V. 331, pp. 399-410. en_US
dc.identifier.uri https://doi.org/10.24989/ocg.v325.33
dc.identifier.uri http://repository.utm.md/handle/5014/18973
dc.description.abstract The complexity of information security does not resume to mere technicality, transferring significant liability to proper management. Risk analysis in information security is a powerful tool that comes in handy for managers in making decisions about the implementation of efficient information management systems, in order to achieve the organization's mission. As a part of risk management, risk analysis is the systematic implementation of methods, techniques and management practices to assess the context, identify, analyze, evaluate, treat, monitor and communicate the risks for the information security and systems through which they are processed, stored or transmitted. The ISO/IEC 27005:2011 – Information security risk management, does not specify any particular method for managing the risks associated with information security, but a general approach. It is up to the organization to devise control objectives that would reflect specific approaches to risk management and the degree of assurance required. There are several models, methodologies and tools amongst which those like CRAMM (United Kingdom, Insight Consulting), Risicare/Mehari (France, Clusif), GSTool (Germany, ITGrundschutz). The theoretical model of the mentioned methodologies is hard to put in practice without experience required from the members of the risk analysis team. Using the appropriate risk assessment solution, an organization can devise its own security requirements. en_US
dc.language.iso en en_US
dc.publisher Central and Eastern European EDem and EGov Days en_US
dc.rights Attribution-NonCommercial-NoDerivs 3.0 United States *
dc.rights.uri http://creativecommons.org/licenses/by-nc-nd/3.0/us/ *
dc.subject information security en_US
dc.subject risk management en_US
dc.title Methodology and algorithm of information security risk management for local infrastructure en_US
dc.type Article en_US


Files in this item

The following license files are associated with this item:

This item appears in the following Collection(s)

Show simple item record

Attribution-NonCommercial-NoDerivs 3.0 United States Except where otherwise noted, this item's license is described as Attribution-NonCommercial-NoDerivs 3.0 United States

Search DSpace


Browse

My Account