International Research journal of Management Science and Technology

  ISSN 2250 - 1959 (online) ISSN 2348 - 9367 (Print) New DOI : 10.32804/IRJMST

Impact Factor* - 6.2311


**Need Help in Content editing, Data Analysis.

Research Gateway

Adv For Editing Content

   No of Download : 101    Submit Your Rating     Cite This   Download        Certificate

EVALUATING IT SECURITY RISK MANAGEMENT METHODS

    1 Author(s):  MALAYA NAYAK

Vol -  10, Issue- 1 ,         Page(s) : 105 - 111  (2019 ) DOI : https://doi.org/10.32804/IRJMST

Abstract

Organizations and industries are constantly updating their parameters to carry out risk management mechanisms. Different data-security management strategies are available to companies, and they have different solutions to define, calculate, track and manage comprehensive safety risks. Organizations find it difficult to choose a risk analysis approach for safety; thus, an unbiased analytical system is needed to determine risk management strategies for safety risk mitigation. The accompanying paper offers a comparison-based system on CobiT's Arrangement and the Control 9, Sample Risks, which could be used for the review of risk management approaches. A comparison method is used to test three obvious approaches. The strengths and disadvantages of the measured approaches are illustrated through the comparative scheme. It comparison system provides an unbiased evaluation method for determining whether or not the expanded control of security risks is compatible with the management of risk creativity.

Alberts, C.J. & Dorofee, A.J. (June 2001). OCTAVE Method Implementation Guide Version 2.0. Carnegie Mellon University.
Alberts, C.J. & Dorofee, A.J. (June 2002). Managing Information Security Risks – The OCTAVE Approach. Pearson Education Ltd.
Baker & McKenzie. Global E-Commerce Law – Canada Security Legislation and Regulations. Available from: http://www.bmck.com/ecommerce/canada-s.htm#161 (Accessed 11 January 2004).
Baker & McKenzie. Global E-Commerce Security Law – US Federal Security Legislation and Regulations. Available from: http://www.bmck.com/ecommerce/fedlegis-s.htm (Accessed 11 January 2004).
Bjørn, A.G. (January 2002). CORAS, A Platform for Risk Analysis on Security Critical Systems – Model-based Risk Analysis Targeting Security. Presented at EWICS Symposium 22.01.2002. Available from: http://www.nr.no/coras (Accessed August 2003).
Cadbury,. The Committee on the Financial Aspects of Corporate Governance and Gee and Co. Ltd. (1992). The Financial Aspects of Corporate Governance. Gee.
Dimitrakos, T., Ritchie, B., Raptis, D. & Stølen, K. (2002). Model Based Security Risk Analysis for Web Applications: The CORAS Approach. EuroWeb 2002.
Insight Consulting. (2003). CRAMM Expert Walkthrough and Overview – Flash Presentation.
IT Governance Institute. (2001). Board Briefing on IT Governance. Available from: http://www.ITgovernance.org
IT Governance Institute. (July 2000). CobiT 3d Edition. The CobiT Steering Committee and the IT Governance Institute.
King Committee on Corporate Governance. (2002). King II Report – 2002. Institute of Directors (IOD), South Africa.
Labuschagne, L. (2003). Utilising the OCTAVE Methodology to Your Advantage by Reducing Information Security Risk and Vulnerability. Proceedings of the IT Risk Management Symposium (South Africa). Conducted by the Institute for International Research.
Parker, D.B. (2000). Why the Due Care security review method is superior to Risk Assessment. The Newsletter for Information Protection Professionals, Number 212, November 2000. Computer Security Institute.
Pritchard, S., Da Veiga, A. & KPMG International. (2003). CobiT – The New Frontier. Proceedings of the IT Risk Management Symposium (South Africa). Conducted by the Institute for International Research. Sarbanes-Oxley Act of 2002. (23 January 2002). United States Congress. (H.R. 3763).
Standards Australia. (1999). Risk Management – AS/NSW 4360:1999; Standards Australia/Standards New Zealand. The Institute of Chartered Accountants in England & Wales. (September 1999). Internal Control – Guidance for Directors on the Combined Code.

*Contents are provided by Authors of articles. Please contact us if you having any query.






Bank Details