MEHARI模型风险分析述评:创业教育平台风险分析指南

2020 International Conference on Information Management and Technology (ICIMTech) Pub Date : 2020-08-01 DOI:10.1109/ICIMTech50083.2020.9211204

M. Rivai, J. Suroso, Firman Pangemanan

{"title":"MEHARI模型风险分析述评:创业教育平台风险分析指南","authors":"M. Rivai, J. Suroso, Firman Pangemanan","doi":"10.1109/ICIMTech50083.2020.9211204","DOIUrl":null,"url":null,"abstract":"The risk analysis supported by technical assets can be more expensive and not enough to analyze information security requirements. The old method adaptation depend mostly on the calculations estimatations of probabilities and financial loss during a security breach. The purpose of this paper is to propose alternative ways to conduct risk analysis for small companies. Risk analysis defined in the paper is an analysis to identify such comprehensive risks set by concentrating by equal to the information and technology also not undermine the people and process area too. This method considers the essential business processes that focus for the relevance of the analysis. Crucial items for this practice consist of business-driven studies for identify relevant IT assets and risk method scenarios for capturing procedure details, and security. People involvement and tools selected for the analysis will be expected for result from set of risks that identified more comprehensively also for high increase of the security awareness to all of the organization.","PeriodicalId":407765,"journal":{"name":"2020 International Conference on Information Management and Technology (ICIMTech)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Review of The Risk Analysis Using MEHARI Model: The Guideline To Analyze Risk For Startup Educational Platform\",\"authors\":\"M. Rivai, J. Suroso, Firman Pangemanan\",\"doi\":\"10.1109/ICIMTech50083.2020.9211204\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The risk analysis supported by technical assets can be more expensive and not enough to analyze information security requirements. The old method adaptation depend mostly on the calculations estimatations of probabilities and financial loss during a security breach. The purpose of this paper is to propose alternative ways to conduct risk analysis for small companies. Risk analysis defined in the paper is an analysis to identify such comprehensive risks set by concentrating by equal to the information and technology also not undermine the people and process area too. This method considers the essential business processes that focus for the relevance of the analysis. Crucial items for this practice consist of business-driven studies for identify relevant IT assets and risk method scenarios for capturing procedure details, and security. People involvement and tools selected for the analysis will be expected for result from set of risks that identified more comprehensively also for high increase of the security awareness to all of the organization.\",\"PeriodicalId\":407765,\"journal\":{\"name\":\"2020 International Conference on Information Management and Technology (ICIMTech)\",\"volume\":\"19 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 International Conference on Information Management and Technology (ICIMTech)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICIMTech50083.2020.9211204\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 International Conference on Information Management and Technology (ICIMTech)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIMTech50083.2020.9211204","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

由技术资产支持的风险分析可能更昂贵，而且不足以分析信息安全需求。旧方法的适应主要依赖于安全漏洞期间概率和经济损失的计算和估计。本文的目的是提出对小企业进行风险分析的替代方法。本文定义的风险分析是一种通过集中于信息和技术，同时不破坏人员和过程域，来识别这种综合风险的分析。该方法考虑了关注分析相关性的基本业务流程。此实践的关键项目包括业务驱动的研究，用于识别相关的IT资产和风险方法场景，用于捕获过程细节，以及安全性。人们的参与和为分析选择的工具将被期望从一组更全面地识别的风险中得到结果，也将被期望在整个组织中提高安全意识。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Review of The Risk Analysis Using MEHARI Model: The Guideline To Analyze Risk For Startup Educational Platform

The risk analysis supported by technical assets can be more expensive and not enough to analyze information security requirements. The old method adaptation depend mostly on the calculations estimatations of probabilities and financial loss during a security breach. The purpose of this paper is to propose alternative ways to conduct risk analysis for small companies. Risk analysis defined in the paper is an analysis to identify such comprehensive risks set by concentrating by equal to the information and technology also not undermine the people and process area too. This method considers the essential business processes that focus for the relevance of the analysis. Crucial items for this practice consist of business-driven studies for identify relevant IT assets and risk method scenarios for capturing procedure details, and security. People involvement and tools selected for the analysis will be expected for result from set of risks that identified more comprehensively also for high increase of the security awareness to all of the organization.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 International Conference on Information Management and Technology (ICIMTech)

自引率

0.00%

发文量