A risk and cost-benefit assessment of information security measures in lubricating oils company
Conference proceedings article
ผู้เขียน/บรรณาธิการ
กลุ่มสาขาการวิจัยเชิงกลยุทธ์
ไม่พบข้อมูลที่เกี่ยวข้อง
รายละเอียดสำหรับงานพิมพ์
รายชื่อผู้แต่ง: Dejdumrong N., Anannavee N., Uttranadhi T.
ผู้เผยแพร่: Hindawi
ปีที่เผยแพร่ (ค.ศ.): 2010
หน้าแรก: 7
หน้าสุดท้าย: 12
จำนวนหน้า: 6
ISBN: 9780889868618
นอก: 0146-9428
eISSN: 1745-4557
ภาษา: English-Great Britain (EN-GB)
บทคัดย่อ
In the current situation of world economic and political uncertainty, risk assessment and management of a company is inevitably required as an obligation not just an option. Information security assessment is an important component of an effective risk management process. This paper proposes a technique how business should determine its information assets and justify the investments in information system protection by using the well-known technique called the cost-benefit analysis (CBA). In order to examine the technique, one of the lubricating oils companies is selected as a case study. Its system is then assessed and the information assets are determined. The security weaknesses or vulnerability of the systems have been defined. Finally, some potential solutions were recommended to be implemented. An incident response management including its associated plans is also introduced as an application of information security assessment. The result from this research indicated that the CBA technique can be used as an effective tool to optimize the IT security investment and prioritize the implementation.
คำสำคัญ
cost-benefit analysis, Incident response plan, Information asset, Information security
ติดต่อสอบถามเพิ่มเติมได้ที่