標題: | A VIKOR-BASED MULTIPLE CRITERIA DECISION METHOD FOR IMPROVING INFORMATION SECURITY RISK |
作者: | Yang, Yu-Ping Ou Shieh, How-Ming Leu, Jun-Der Tzeng, Gwo-Hshiung 科技管理研究所 Institute of Management of Technology |
關鍵字: | Multiple criteria decision making (MCDM);compromise solution;VIKOR;risk assessment;residual risk;information security management system (ISMS) |
公開日期: | 1-六月-2009 |
摘要: | Most multicriteria methods focus on ranking and selecting from a set of alternatives. These methods are usually used to compare all alternatives based on the synthesized scorings within a normalized scale with respect to the same criteria in multicriteria problems. However, the decision makers often simultaneously manage one or several alternatives/projects with conflicting and noncommensurable criteria to reduce the gaps to achieve the aspired grade in practice. They then need to rank the gaps that have not been reduced or improved (the unimproved gaps) for the alternatives/projects or aspects of a project to get the most benefit. Because these compared alternatives/projects do not usually have the same criteria/aspects, traditional methods are unsuitable to deal with them. Thus, this research proposes a new VIKOR method to solve this problem; this new method allows the decision maker to understand these gaps of the projects/aspects and rank them to improve these large gaps in control items to achieve the aspired level. Its concept originates in compromise solutions, in particular the VIKOR method. In addition, this research also provides an example of improving information security risk to demonstrate the suitability of this new method. The results show the effectiveness of the new method. |
URI: | http://dx.doi.org/10.1142/S0219622009003375 http://hdl.handle.net/11536/7133 |
ISSN: | 0219-6220 |
DOI: | 10.1142/S0219622009003375 |
期刊: | INTERNATIONAL JOURNAL OF INFORMATION TECHNOLOGY & DECISION MAKING |
Volume: | 8 |
Issue: | 2 |
起始頁: | 267 |
結束頁: | 287 |
顯示於類別: | 期刊論文 |