A Comparative Study of Risk Assessment Methods, MEHARI & CRAMM with a New Formal Model of Risk Assessment (FoMRA) in Information Systems
暂无分享,去创建一个
[1] J.A.G. van Kleef,et al. Developing capabilities and competence for sustainable business management as innovation: a research agenda , 2007 .
[2] Ingoo Han,et al. Security threats to Internet: a Korean multi-industry investigation , 2001, Inf. Manag..
[3] Tia Fisher,et al. ROI in social media: A look at the arguments , 2009 .
[4] Houston H. Carr,et al. Risk Analysis for Information Technology , 1991, J. Manag. Inf. Syst..
[5] Karen A. Forcht,et al. Computer Security Management , 1993 .
[6] Amit Bhatnagar,et al. Segmenting consumers based on the benefits and risks of Internet shopping , 2004 .
[7] Jim Dray. COMPUTER SECURITY AND CRIME: IMPLICATIONS FOR POLICY AND ACTION , 1988 .
[8] Nicolas Mayer,et al. La gestion des risques pour les systèmes d'information , 2006 .
[9] 日本規格協会. 情報技術-セキュリティ技術-情報セキュリティ管理策の実践のための規範 : ISO/IEC 27002 = Information technology-Security techniques-Code of practice for information security controls : ISO/IEC 27002 , 2013 .
[10] Robert R. Moeller,et al. IT Audit, Control, and Security , 2010 .
[11] Mirosław Kurkowski,et al. A new mathematical model for analytical risk assessment and prediction in IT systems , 2012 .
[12] J.D Andrews,et al. Application of the cause-consequence diagram method to static systems , 2002, Reliab. Eng. Syst. Saf..
[13] Hany H. Ammar,et al. A Methodology for Architecture-Level Reliability Risk Analysis , 2002, IEEE Trans. Software Eng..
[14] Raduan Che Rose,et al. A conceptual framework of the relationship betweenorganizational resources, capabilities, systems, competitiveadvantage and performance , 2009 .
[15] Quey-Jen Yeh,et al. Threats and countermeasures for information system security: A cross-industry study , 2007, Inf. Manag..
[16] Lisa M. Bartlett,et al. Integrated system fault diagnostics utilising digraph and fault tree-based approaches , 2009, Reliab. Eng. Syst. Saf..
[17] Herbert J. Mattord,et al. Principles of Information Security , 2004 .
[18] Linda G. Wallace,et al. Is Information Security Under Control?: Investigating Quality in Information Security Management , 2007, IEEE Security & Privacy.
[19] Rossouw von Solms,et al. A framework for the governance of information security , 2004, Comput. Secur..
[20] Ibnu Gunawan,et al. AUDIT SISTEM INFORMASI PERPUSTAKAAN UNIVERSITAS KRISTEN PETRA BERDASARKAN STANDAR CONTROL OBJECTIVES FOR INFORMATION AND RELATED TECHNOLOGY (COBIT 4.0) , 2013 .
[21] Christopher J. Alberts,et al. Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework, Version 1.0 , 1999 .
[22] Daniel Mellado,et al. A systematic review of security requirements engineering , 2010, Comput. Stand. Interfaces.
[23] J. Ezingeard,et al. Triggers of Change in Information Security Management Practices , 2007 .
[24] Brian Veitch,et al. Methodology for Computer-Aided Fault Tree Analysis , 2007 .
[25] Herbert J. Mattord,et al. Principles of Information Security, 4th Edition , 2011 .
[26] B. Moon. Consumer adoption of the internet as an information search and product purchase channel: some research hypotheses , 2004 .
[27] Robert Moeller. IT Audit, Control, and Security: Moeller/IT , 2010 .
[28] Avimanyu Datta,et al. Information Technology Capability, Knowledge Assets and Firm Innovation: A Theoretical Framework for Conceptualizing the Role of Information Technology in Firm Innovation , 2011, Int. J. Strateg. Inf. Technol. Appl..