Kwantyfikatywne i kwalifikatywne metody analizy ryzyka na potrzeby bezpieczeństwa systemów informatycznych w organizacji
QUALITATIVE AND QUANTITATIVE INFORMATION SYSTEMS SECURITY RISK ANALYSIS METHODS IN AN ORGANIZATION
Author(s): Artur RotSubject(s): Economy
Published by: Wydawnictwo Uniwersytetu Ekonomicznego we Wrocławiu
Keywords: INFORMATION SYSTEMS SECURITY; RISK MANAGEMENT; RISK ANALYSIS; COURTNEY METHOD
Summary/Abstract: Risk management plays a very important role in almost all areas of contemporary organizations. It requires to carry out risk analysis in a reliable and recurring way. The purpose of this article is to present one of the most important steps in the process of risk management that is risk analysis. The article also presents both quantitative and qualitative approaches to this issue. As an example of quantitative method, the paper presents risk analysis according to the Courtney method. The method developed by NIST (National Institute of Standards and Technology) is presented as an example of qualitative approach to information systems security risk analysis.
Journal: Informatyka Ekonomiczna
- Issue Year: 2011
- Issue No: 20
- Page Range: 189-203
- Page Count: 15
- Language: Polish