首页>
外国专利>
METHOD OF RISK EVALUATION BASED ON ASSET ANALYSIS FOCUSED ON BUSINESS PROCESS FOR SECURITY OF INFORMATION SYSTEM
METHOD OF RISK EVALUATION BASED ON ASSET ANALYSIS FOCUSED ON BUSINESS PROCESS FOR SECURITY OF INFORMATION SYSTEM
展开▼
机译:信息系统安全的基于业务流程的资产分析的风险评估方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
A method for evaluating risk based on an asset analysis focused on a business process for security of an information system is provided to realize strict risk management by enabling an organization to expect a practical and correct risk analysis result value in consideration of business characteristics of the organization and an environment of the information system. A qualitative asset price is converted into a qualitative asset price(S100). A reference for weight of a secondary classification factor is determined in relation to a business process(S200). An asset is evaluated based on the qualitative asset price and the weight(S300). The reference for the risk and the security is determined(S400). The risk of the asset evaluated based on the reference for the risk and the security is evaluated(S500). The qualitative asset price is converted into the quantitative asset price based on a purchase cost, an annual operation expense, or a substitution cost.
展开▼