Archive - Central European Conference on Information and Intelligent Systems, CECIIS - 2011

Font Size: 
Information Security Risk Assessment in Financial Institutions Using VECTOR Matrix and OCTAVE Methods
Ivan Magdalenić, Davor Maček, Nikola Ivković

Last modified: 2011-10-03

Abstract


This paper describes and compares methods for assessing information security risk in financial institutions. For different types of information assets is necessary to apply different methods of security risk assessment. In this paper, a VECTOR method is described and recommended for security risk assessment that can be used in defining the priorities of critical risks. For conducting a more detailed level of security risk analysis it is recommended to use the OCTAVE method. Both methods are applied to a real case scenario and their strengths and weakness are compared.

Full Text: PDF