Skip to Main Content
The existent models aiming at information security risk analysis primary startle the problem from a technical view. Although the knowledge based approaches are studied for information security risk analysis, they are limited in rule presentation and assessing management. The bottom-up approaches fails to effectively support the security decision and control. The purpose of this study is to study a managerial solution based on knowledge model for information security risk analysis. We propose a knowledge quantitative model based on logistic equation, and then it is extended for analysis for risk factors, asset value estimation and risk computation. The computation methods of asset value and general risk entirely upon the knowledge model are studied and discussed.