Not logged in.
Quick Search - Contribution
Contribution Details
| Type | Bachelor's Thesis |
| Scope | Discipline-based scholarship |
| Title | Design and Implementation of a Comparison Tool for Selecting an Information Security Risk Assessment Method |
| Organization Unit | |
| Authors |
|
| Supervisors |
|
| Language |
|
| Institution | University of Zurich |
| Faculty | Faculty of Business, Economics and Informatics |
| Date | 2023 |
| Abstract Text | With the increasing relevance of the risk concept in the field of information security, numerous new risk assessment methods have emerged. The selection of a suitable risk assessment method can prove itself to be a first obstacle for organizations that do not have the financial resources to employ consulting firms that assist with the risk assessment process. To address this challenge, comparison methods and tools have been developed in academia and the private sector. This thesis provides a comprehensive review of these methods and tools. An improved comparison method is designed based on this review and an in-depth analysis of several common information risk assessment methods. This method is then used to evaluate nine information security risk assessment methods. A navigable prototype for an information security risk assessment knowledge base has been designed and implemented, with the aim of facilitating comparison between methods and helping users select the most suitable assessment method. The improved comparison method is shown to be superior to predecessors by demonstrating that crucial criteria are adopted and novel criteria improve the selection process. Finally, a use case illustrates the efficiency of the prototype. |
| PDF File |
Download
|
| Export |
BibTeX
|