pISRA: privacy considered information security risk assessment model
Author: | Ya-Chi Chu, Wei-Chen Wu, Yu-Chih Wei, Gu-Hsin Lai |
---|---|
Year of publication: | 2018 |
Subject: | 020203 distributed computing; Government; Computer science; Impact assessment; Information security risk assessment; 02 engineering and technology; Theoretical Computer Science; Risk analysis (engineering); Action (philosophy); Hardware and Architecture; General Data Protection Regulation; 0202 electrical engineering, electronic engineering, information engineering; Privacy Impact Assessment; media_common.cataloged_instance; European union; Risk assessment; Personally identifiable information; Software; Information Systems; media_common |
Source: | The Journal of Supercomputing. 76:1468-1481 |
ISSN: | 1573-0484 0920-8542 |
DOI: | 10.1007/s11227-018-2371-0 |
Description: | The security threats related to personally identifiable information are increasing dramatically. In addition to government agencies, large international companies are potential victims. To comply with regulations such as the European Union General Data Protection Regulation, organizations are required to carry out a privacy impact assessment. However, the conventional information security risk assessment model does not provide a clear methodology for conducting privacy impact assessments. In this paper, we propose a privacy-considered information security risk assessment (pISRA) model, which can take both a privacy impact analysis and risk assessment into consideration. Our proposed model can help risk assessors achieve a comparable and reproducible approach for the entire risk assessment process. Additionally, pISRA can assist organizations to select high-risk items for further action. |
Database: | OpenAIRE |