A Proposed Framework for Ranking Critical Information Assets in Information Security Risk Assessment Using the OCTAVE Allegro Method with Decision Support System Methods

Anisa Dewi Prajanti, Kalamullah Ramli

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The security of an organization lies not only in physical buildings, but also in its information assets. Safeguarding information assets requires further study to establish optimal security mitigation steps. In determining the appropriate mitigation of information assets, both an information security risk assessment and a clear and measurable rating are required. Most risk management methods do not provide the right focus on ranking the critical information assets of an organization. This paper proposes a framework approach for ranking critical information assets. The proposed framework uses the OCTAVE Allegro method, which focuses on profiling information assets by combining ranking priority measurements using decision support system methods, such as Simple Additive Weighting (SAW) and Analytic Hierarchy Process (AHP). The combined OCTAVE Allegro-SAW and OCTAVE Allegro-AHP methods are expected to better address risk priority as an input to making mitigation decisions for critical information assets. These combinations will help management to avoid missteps in adjusting budget needs allocation or time duration by selecting asset information mitigation using the ranking results of the framework.

Original languageEnglish
Title of host publication34th International Technical Conference on Circuits/Systems, Computers and Communications, ITC-CSCC 2019
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781728132716
DOIs
Publication statusPublished - 1 Jun 2019
Event34th International Technical Conference on Circuits/Systems, Computers and Communications, ITC-CSCC 2019 - JeJu, Korea, Republic of
Duration: 23 Jun 201926 Jun 2019

Publication series

Name34th International Technical Conference on Circuits/Systems, Computers and Communications, ITC-CSCC 2019

Conference

Conference34th International Technical Conference on Circuits/Systems, Computers and Communications, ITC-CSCC 2019
CountryKorea, Republic of
CityJeJu
Period23/06/1926/06/19

Keywords

  • AHP
  • Critical information asset
  • DSS
  • information security
  • OCTAVE Allegro
  • risk management
  • SAW
  • security risk assesment

Fingerprint Dive into the research topics of 'A Proposed Framework for Ranking Critical Information Assets in Information Security Risk Assessment Using the OCTAVE Allegro Method with Decision Support System Methods'. Together they form a unique fingerprint.

Cite this