Font Size:
Selection of Information Security Risk Management Method Using Analytic Hierarchy Process (AHP)
Last modified: 2011-10-03
Abstract
Numerous existent information security risk management (ISRM) methods greatly differ in approach, complexity of usage, level of detail and applicability to organizations of different sizes and business models. Selection of a method that fits requirements of an organization can be complex and resource intensive process with significant possibility for suboptimal decision. This paper presents a model for selection of optimal ISRM method based on Analytic Hierarchy Process (AHP) and comparison of risk management methods performed by ENISA. The model is evaluated through selection of optimal ISRM method for a financial institution by a group of experts and results are presented.
Full Text:
PDF