Sciweavers

HICSS
2009
IEEE

AURUM: A Framework for Information Security Risk Management

14 years 6 months ago
AURUM: A Framework for Information Security Risk Management
—As companies are increasingly exposed to a variety of information security threats, they are permanently forced to pay attention to security issues. Risk management provides an effective approach for measuring the security through risk assessment, risk mitigation and evaluation. Existing risk management approaches are highly accepted but demand very detailed knowledge about the IT security domain and the actual company environment. This paper presents AURUM - a new methodology for supporting the NIST SP 800-30 risk management standard - and provides a comparison with the GSTool and CRISAM in order to highlight the benefits decision makers may expect when using AURUM.
Andreas Ekelhart, Stefan Fenz, Thomas Neubauer
Added 19 May 2010
Updated 19 May 2010
Type Conference
Year 2009
Where HICSS
Authors Andreas Ekelhart, Stefan Fenz, Thomas Neubauer
Comments (0)