Risk Reduction Overview

Abstract: The Risk Reduction Overview (RRO) method presents a comprehensible overview of the coherence of risks, measures and residual risks. The method is designed to support communication between different stakeholders in complex risk management. Seven reasons are addressed why risk management in IT security has many uncertainties and fast-changing factors, four for IT security in general and three for large organizations specifically. The RRO visualization has been proven valuable to discuss, optimize, evaluate, and audit a design or a change in a complex environment. The method has been used, evaluated, and improved over the last six years in large government and military organizations. Seven areas in design and decision making are identified in which an RRO is found to be beneficial. Despite the widely accepted need for risk management, we believe this is the first practical method that delivers a comprehensive overview that improves communication between different stakeholders.
Document type: Conference paper
Stephanie Teufel; Tjoa A Min; Ilsun You; Edgar Weippl. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Sep 2014, Fribourg, Switzerland. Springer, Lecture Notes in Computer Science, LNCS-8708, pp.239-249, 2014, Availability, Reliability, and Security in Information Systems. 〈10.1007/978-3-319-10975-6_18〉

https://hal.inria.fr/hal-01403999
Contributor: Hal Ifip
Submitted on: Monday, 28 November 2016 - 11:27:14
Last modified on: Tuesday, 29 November 2016 - 01:04:50
Document(s) archived on: Tuesday, 21 March 2017 - 00:12:21

File

978-3-319-10975-6_18_Chapter.p...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Hellen Havinga, Olivier Sessink. Risk Reduction Overview. Stephanie Teufel; Tjoa A Min; Ilsun You; Edgar Weippl. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Sep 2014, Fribourg, Switzerland. Springer, Lecture Notes in Computer Science, LNCS-8708, pp.239-249, 2014, Availability, Reliability, and Security in Information Systems. 〈10.1007/978-3-319-10975-6_18〉. 〈hal-01403999〉

Metrics

Record views: 71

File downloads: 12