Information Security Management: ANP Based Approach for Risk Analysis and Decision Making

In information systems security, the objectives of risk analysis process are to help to identify new threats and vulnerabilities, to estimate their business impact and to provide a dynamic set of tools to control the security level of the information system. The identification of risk factors as well as the estimation of their business impact require tools for assessment of risk with multi-value scales according to different stakeholders’ point of view. Therefore, the purpose of this paper is to model risk analysis decision making problem using semantic network to develop the decision network and the Analytical Network Process (ANP) that allows solving complex problems taking into consideration quantitative and qualitative data. As a decision support technique ANP also measures the dependency among risk factors related to the elicitation of individual judgement. An empirical study involving the Forestry Company is used to illustrate the relevance of ANP.


Issue Date:
Mar 30 2016
Publication Type:
Journal Article
DOI and Other Identifiers:
1804-1930 (Other)
PURL Identifier:
http://purl.umn.edu/233959
Published in:
AGRIS on-line Papers in Economics and Informatics, Volume 08, Number 1
Page range:
13-23
Total Pages:
11
Series Statement:
08
01




 Record created 2017-04-01, last modified 2017-08-29

Fulltext:
Download fulltext
PDF

Rate this document:

Rate this document:
1
2
3
 
(Not yet reviewed)