Abstract:
Numerous methods for information security risk assessment (ISRA) are available, yet there is little guidance on how to choose one. Through a comprehensive risk identifica...Show MoreMetadata
Abstract:
Numerous methods for information security risk assessment (ISRA) are available, yet there is little guidance on how to choose one. Through a comprehensive risk identification, estimation, and evaluation framework, the author evaluates the practical application of three ISRA methods in terms of tasks required, user experience, and results.
DOI: 10.1109/MC.2017.107