{"title":"IA risk assessment process","authors":"K. Montry, R. Kelley","doi":"10.1109/IAW.2005.1495991","DOIUrl":null,"url":null,"abstract":"When considering the information assurance (IA) requirement against a particular program, one must consider the actual risk that needs to be mitigated by any proposed solution. Understanding the actual risk and applying only those solutions deemed necessary will provide a best value approach to the customer. This paper defines one method to gain an understanding of IA risk by exploring the threats applicable to the system, the paths down which those threats can act and the effects of that action on the system given the environment in which the system currently exists. Considering all of those factors will allow a relative risk to be assigned for each applicable intersection.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"189 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IAW.2005.1495991","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
When considering the information assurance (IA) requirement against a particular program, one must consider the actual risk that needs to be mitigated by any proposed solution. Understanding the actual risk and applying only those solutions deemed necessary will provide a best value approach to the customer. This paper defines one method to gain an understanding of IA risk by exploring the threats applicable to the system, the paths down which those threats can act and the effects of that action on the system given the environment in which the system currently exists. Considering all of those factors will allow a relative risk to be assigned for each applicable intersection.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
