Summary
International Technical Conference on Circuits/Systems, Computers and Communications
2008
Session Number:P2
Session:
Number:P2-72
Design of Risk Analysis and Assessment Model Based on the Business Process
Moon Goo Lee,
pp.-
Publication Date:2008/7/7
Online ISSN:2188-5079
Summary:
With dependency of companies and government agencies on the networks growing as ever, current patch-up security solution is not an ideal and effective remedy against the increasing threats. Worse, current security system costs excessive amount of resources to recover from an emergency should such a crisis occur. Thus effective risk management system is necessary for today's business, and at the core of such system is the risk analysis-assessment model. However, most of existing risk-analysis methodologies at work domestically has one critical problem; they've been developed abroad, and have been applied without necessary modifications to reflect the domestic conditions. First, assessment methods have not been clarified. Also non-existent is the mapping process of assets and risks. Secondly, asset-evaluating process doesn't reflect the organizational characteristics of the domestic businesses, which in turn undermines the reliability of such assessment results. To overcome the drawbacks described above, this paper suggests a new risk analysis-assessment model based on the business process approach.