Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Overview of Enterprise Information Needs in Information Security Risk Assessment
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.ORCID iD: 0000-0001-7386-7471
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.ORCID iD: 0000-0003-3922-9606
Show others and affiliations
2014 (English)In: Proceedings of the 18th IEEE International EDOC Conference (EDOC 2014), 2014Conference paper, Published paper (Refereed)
Abstract [en]

Methods for risk assessment in information security suggest users to collect and consider sets of input information, often notably different, both in type and size. To explore these differences, this study compares twelve established methods on how their input suggestions map to the concepts of ArchiMate, a widely used modeling language for enterprise architecture. Hereby, the study also tests the extent, to which ArchiMate accommodates the information suggested by the methods (e.g., for the use of ArchiMate models as a source of information for risk assessment). Results of this study show how the methods differ in suggesting input information in quantity, as well as in the coverage of the ArchiMate structure. Although the translation between ArchiMate and the methods’ input suggestions is not perfect, our results indicate that ArchiMate is capable of modeling fair portions of the information needed for the methods for information security risk assessment, which makes ArchiMate models a promising source of guidance for performing risk assessments.

Place, publisher, year, edition, pages
2014.
Keyword [en]
risk assessment, information security, enterprise information needs, enterprise architecture, ArchiMate
National Category
Other Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Information and Communication Technology
Identifiers
URN: urn:nbn:se:kth:diva-154231DOI: 10.1109/EDOC.2014.16ISI: 000358531500006Scopus ID: 2-s2.0-84937426317OAI: oai:DiVA.org:kth-154231DiVA: diva2:756096
Conference
The 18th IEEE International EDOC Conference (EDOC 2014)
Funder
SweGRIDS - Swedish Centre for Smart Grids and Energy Storage
Note

Funded by Swedish Armed Forces.

QC 20150409

Available from: 2014-10-16 Created: 2014-10-16 Last updated: 2015-08-27Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopusFulltext

Authority records BETA

Korman, MatusEkstedt, Mathias

Search in DiVA

By author/editor
Korman, MatusEkstedt, Mathias
By organisation
Industrial Information and Control Systems
Other Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 46 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf