標題: A VIKOR-BASED MULTIPLE CRITERIA DECISION METHOD FOR IMPROVING INFORMATION SECURITY RISK
作者: Yang, Yu-Ping Ou
Shieh, How-Ming
Leu, Jun-Der
Tzeng, Gwo-Hshiung
科技管理研究所
Institute of Management of Technology
關鍵字: Multiple criteria decision making (MCDM);compromise solution;VIKOR;risk assessment;residual risk;information security management system (ISMS)
公開日期: 1-六月-2009
摘要: Most multicriteria methods focus on ranking and selecting from a set of alternatives. These methods are usually used to compare all alternatives based on the synthesized scorings within a normalized scale with respect to the same criteria in multicriteria problems. However, the decision makers often simultaneously manage one or several alternatives/projects with conflicting and noncommensurable criteria to reduce the gaps to achieve the aspired grade in practice. They then need to rank the gaps that have not been reduced or improved (the unimproved gaps) for the alternatives/projects or aspects of a project to get the most benefit. Because these compared alternatives/projects do not usually have the same criteria/aspects, traditional methods are unsuitable to deal with them. Thus, this research proposes a new VIKOR method to solve this problem; this new method allows the decision maker to understand these gaps of the projects/aspects and rank them to improve these large gaps in control items to achieve the aspired level. Its concept originates in compromise solutions, in particular the VIKOR method. In addition, this research also provides an example of improving information security risk to demonstrate the suitability of this new method. The results show the effectiveness of the new method.
URI: http://dx.doi.org/10.1142/S0219622009003375
http://hdl.handle.net/11536/7133
ISSN: 0219-6220
DOI: 10.1142/S0219622009003375
期刊: INTERNATIONAL JOURNAL OF INFORMATION TECHNOLOGY & DECISION MAKING
Volume: 8
Issue: 2
起始頁: 267
結束頁: 287
顯示於類別:期刊論文