Identifying Organizational Information Security Risks Using Fuzzy Delphi
Most organizations need to information systems to survive and thrive. Therefore, they should seriously protect their information assets. Creating structured and justifiable exchanges between cost, security and mission control systems security risks is essential. This is important in the planning and...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
University of Tehran
2015-03-01
|
| Series: | Journal of Information Technology Management |
| Subjects: | |
| Online Access: | https://jitm.ut.ac.ir/article_53555_e7d253571231a0e9a2c9ef8db5456a67.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849324500633518080 |
|---|---|
| author | Parisa Mousavi Reza Yousefizenouz Akbar Hasanpoor |
| author_facet | Parisa Mousavi Reza Yousefizenouz Akbar Hasanpoor |
| author_sort | Parisa Mousavi |
| collection | DOAJ |
| description | Most organizations need to information systems to survive and thrive. Therefore, they should seriously protect their information assets. Creating structured and justifiable exchanges between cost, security and mission control systems security risks is essential. This is important in the planning and development of such systems. Initial appropriate decisions can reduce costs and increase ease of control risk. The first step in the risk management process is the identification of risk. The purpose of this study is identifying the most important enterprise information security risks. This study is application and view research method is descriptive. In this study, a model is presented to identify information security risks, according to ISO 27002 and cobit 4 and study the documents and using by fuzzy Delphi method and opinions of experts, which include 10 of the IT professionals of the Bank, have been presented. In this template 6 factors and 20 subfactors of information security risk factors have been identified for the Bank. |
| format | Article |
| id | doaj-art-8a091937633545b8b4096e71e9da78af |
| institution | Kabale University |
| issn | 2008-5893 2423-5059 |
| language | English |
| publishDate | 2015-03-01 |
| publisher | University of Tehran |
| record_format | Article |
| series | Journal of Information Technology Management |
| spelling | doaj-art-8a091937633545b8b4096e71e9da78af2025-08-20T03:48:42ZengUniversity of TehranJournal of Information Technology Management2008-58932423-50592015-03-017116318410.22059/jitm.2015.5355553555Identifying Organizational Information Security Risks Using Fuzzy DelphiParisa Mousavi0Reza Yousefizenouz1Akbar Hasanpoor2MSc. Student, Information Technology Management, Faculty of Accounting and Management, Kharazmi University of TehranAssistant Prof., Faculty of Accounting and Management, Kharazmi University, Tehran, IranAssistant Prof., Faculty of Accounting and Management, Kharazmi University, Tehran, IranMost organizations need to information systems to survive and thrive. Therefore, they should seriously protect their information assets. Creating structured and justifiable exchanges between cost, security and mission control systems security risks is essential. This is important in the planning and development of such systems. Initial appropriate decisions can reduce costs and increase ease of control risk. The first step in the risk management process is the identification of risk. The purpose of this study is identifying the most important enterprise information security risks. This study is application and view research method is descriptive. In this study, a model is presented to identify information security risks, according to ISO 27002 and cobit 4 and study the documents and using by fuzzy Delphi method and opinions of experts, which include 10 of the IT professionals of the Bank, have been presented. In this template 6 factors and 20 subfactors of information security risk factors have been identified for the Bank.https://jitm.ut.ac.ir/article_53555_e7d253571231a0e9a2c9ef8db5456a67.pdfFuzzy Delphiinformation securityrisk identifyingrisk management |
| spellingShingle | Parisa Mousavi Reza Yousefizenouz Akbar Hasanpoor Identifying Organizational Information Security Risks Using Fuzzy Delphi Journal of Information Technology Management Fuzzy Delphi information security risk identifying risk management |
| title | Identifying Organizational Information Security Risks Using Fuzzy Delphi |
| title_full | Identifying Organizational Information Security Risks Using Fuzzy Delphi |
| title_fullStr | Identifying Organizational Information Security Risks Using Fuzzy Delphi |
| title_full_unstemmed | Identifying Organizational Information Security Risks Using Fuzzy Delphi |
| title_short | Identifying Organizational Information Security Risks Using Fuzzy Delphi |
| title_sort | identifying organizational information security risks using fuzzy delphi |
| topic | Fuzzy Delphi information security risk identifying risk management |
| url | https://jitm.ut.ac.ir/article_53555_e7d253571231a0e9a2c9ef8db5456a67.pdf |
| work_keys_str_mv | AT parisamousavi identifyingorganizationalinformationsecurityrisksusingfuzzydelphi AT rezayousefizenouz identifyingorganizationalinformationsecurityrisksusingfuzzydelphi AT akbarhasanpoor identifyingorganizationalinformationsecurityrisksusingfuzzydelphi |