Loading...
conference paper
Information security risk assessment, aggregation, and mitigation
2004
Information Security And Privacy, Proceedings
As part of their compliance process with the Basel 2 operational risk management requirements, banks must define how they deal with information security risk management. In this paper we describe work in progress on a new quantitative model to assess and aggregate information security risks that is currently under development for deployment. We show how to find a risk mitigation strategy that is optimal with respect to the model used and the available budget.
Loading...
Name
NPDF-31.pdf
Access type
openaccess
Size
139.83 KB
Format
Adobe PDF
Checksum (MD5)
469e55dde3349134ecb5a842651fbe31