Skip to main content
SpringerLink
Log in

Using risk-oriented approaches to solve information security problems

  • Published:
Automatic Control and Computer Sciences Aims and scope Submit manuscript

Abstract

This paper analyzes risk-management methods that are used in practice and described in the technical literature, standards, and guidelines. The analysis is aimed at classifying the methods and identifying their strengths and weaknesses in terms of practical use to solve information security problems. Based on the data obtained, various ways of implementing risk-management methods are proposed and the range of information security problems for each class of the methods is defined.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Baldin, K.V., Risk-menedzhment. Uchebnoe posobie (Risk Management. Textbook), Moscow: Eksmo, 2008.

    Google Scholar 

  2. Barton, T.L., Shenkir, W.G., and Walker, P.L., Making Enterprise Risk Management Pay Off: How Leading Companies Implement Risk Management, Financial Times/Prentice Hall, 2002, ed. 1.

    Google Scholar 

  3. GOST (State Standard) R ISO/MEK 27005-2010: Information Technology. Security Methods and Means. Information Security Risk Management, 2011.

  4. GOST (State Standard) R ISO/MEK 31010-2011: Risk Management. Methods of Risk Assessment, 2012.

  5. Scniederjans, M.J., Hamaker, J.L., and Scniederjans, A.M., Information Technology Investment. Decision Methodology, World Scientific Publishing Co. Pte. Ltd., 2005, p. 552.

    Google Scholar 

  6. Lientz, B.P. and Larssen, L., Risk Management for ITProjects. How to Deal with over 150 Issues and Risks, Elsevier Inc, 2006, p. 331.

    Google Scholar 

  7. Astakhov, A.M., Iskusstvo upravleniya informatsionnymi riskami (Art of Information Risk Management), Moscow: DMK Press, 2010.

    Google Scholar 

  8. BS (British Standard) 7799-3:2006 RU Information Security Management Systems–Guidelines for Information Security Risk Management. http://gtrust.ru/show_good.php?idtov=1031

  9. Miller, M.B., Mathematics and Statistics for Financial Risk Management, John Wiley & Sons, Inc., Hoboken, New Jersey, 2014, p. 336.

    Google Scholar 

  10. Regester, M. and Larkin, J., Risk Issues and Crisis Management: A Casebook of Best Practice, Kogan Page, 2005, p. 256.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. National Research University Higher School of Economics, Moscow, Russia

    P. A. Baranov

Authors
  1. P. A. Baranov
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to P. A. Baranov.

Additional information

Original Russian Text © P.A. Baranov, 2015, published in Problemy Informatsionnoi Bezopasnosti. Komp’yuternye Sistemy.

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Baranov, P.A. Using risk-oriented approaches to solve information security problems. Aut. Control Comp. Sci. 49, 643–647 (2015). https://doi.org/10.3103/S0146411615080209

Download citation

  • Received:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.3103/S0146411615080209

Keywords

Search

Navigation