STORM-RM: a collaborative and multicriteria risk management methodology
| Autor: | Theodoros Ntouskas, Nineta Polemi |
|---|---|
| Rok vydání: | 2012 |
| Předmět: |
Engineering
Knowledge management business.industry Process (engineering) Strategy and Management Analytic hierarchy process Management Science and Operations Research Communications system Multiple-criteria decision analysis Group decision-making Risk analysis (engineering) Order (exchange) Security management business Risk management |
| Zdroj: | International Journal of Multicriteria Decision Making. 2:159 |
| ISSN: | 2040-1078 2040-106X |
| DOI: | 10.1504/ijmcdm.2012.046941 |
| Popis: | Risk management (RM) is a necessary process in order to identify, categorise and handle security threats, vulnerabilities and risks of information and communication systems (ICS). Existing RM methodologies for the implementation of standards impose various barriers (e.g., limitation in knowledge gathering, time and resources consumption, and cost) which make them unable to meet the growing needs of the current distributed and complex ICS and their hosting critical data and services. Identifying these weaknesses, we treat RM as a multi-criteria problem and we propose a multi-criteria group decision making methodology STORM-RM for its solution combining the analytic hierarchy process (AHP) with security management standards (ISO27001 and AS/NZS 4360). |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|