完整後設資料紀錄
DC 欄位語言
dc.contributor.authorGuan, BCen_US
dc.contributor.authorLo, CCen_US
dc.contributor.authorWang, Pen_US
dc.contributor.authorHwang, JSen_US
dc.date.accessioned2014-12-08T15:26:23Z-
dc.date.available2014-12-08T15:26:23Z-
dc.date.issued2003en_US
dc.identifier.isbn0-7803-7882-2en_US
dc.identifier.urihttp://hdl.handle.net/11536/18725-
dc.description.abstractIn the wake of the fast popularization of information and the rise of electronic commerce, information security is gaining much attention. How to perform the evaluation of the value of assets, how to perform the analysis of the risks associated with assets, and how to protect information assets from sabotage, theft and tamper are important topics in the study of the management of information security. This research addresses the aspects of confidentiality, integrity and availability of information and applies the Analytic Hierarchy Process (AHP) to consolidate expert's opinions on information risks, in order to construct an integrated framework for risk analysis. The BS7799 standard and the risk level matrix(RLM) are used accordingly to evaluate the effectiveness of and to categorize the risk management measures and to create a complete model for the assessment of information assets related risks. Finally, the research results are verified by a case study. The results can be used by organizations as references for information security planning and management process improvements.en_US
dc.language.isoen_USen_US
dc.subjectinformation assetsen_US
dc.subjectinformation securityen_US
dc.subjectrisk managementen_US
dc.subjectAHPen_US
dc.subjectBS7799en_US
dc.subjectRisk-Level Matrixen_US
dc.titleEvaluation of information security related risks of an organization - The application of the multi-criteria decision-making methoden_US
dc.typeProceedings Paperen_US
dc.identifier.journal37TH ANNUAL 2003 INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY, PROCEEDINGSen_US
dc.citation.spage168en_US
dc.citation.epage175en_US
dc.contributor.department資訊管理與財務金融系 註:原資管所+財金所zh_TW
dc.contributor.departmentDepartment of Information Management and Financeen_US
dc.identifier.wosnumberWOS:000221608800029-
顯示於類別:會議論文