東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

Validating the OCTAVE Allegro Inform...

Keating, Corland G.

Linked to FindBook

Google Book

Amazon

博客來

Validating the OCTAVE Allegro Information Systems Risk Assessment Methodology: A Case Study.

Record Type:	Electronic resources : Monograph/item
Title/Author:	Validating the OCTAVE Allegro Information Systems Risk Assessment Methodology: A Case Study./
Author:	Keating, Corland G.
Description:	130 p.
Notes:	Source: Dissertation Abstracts International, Volume: 75-06(E), Section: A.
Contained By:	Dissertation Abstracts International75-06A(E).
Subject:	Information Science. -
Online resource:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3611814
ISBN:	9781303728921

Validating the OCTAVE Allegro Information Systems Risk Assessment Methodology: A Case Study.
Keating, Corland G.

Validating the OCTAVE Allegro Information Systems Risk Assessment Methodology: A Case Study. - 130 p.

Source: Dissertation Abstracts International, Volume: 75-06(E), Section: A.

Thesis (Ph.D.)--Nova Southeastern University, 2014.

This item must not be sold to any third party vendors.

An information system (IS) risk assessment is an important part of any successful security management strategy. Risk assessments help organizations to identify mission-critical IS assets and prioritize risk mitigation efforts. Many risk assessment methodologies, however, are complex and can only be completed successfully by highly qualified and experienced security experts. Small-sized organizations, including small-sized colleges and universities, due to their financial constraints and lack of IS security expertise, are challenged to conduct a risk assessment. Therefore, most small-sized colleges and universities do not perform IS risk assessments, which leaves the institution's data vulnerable to security incursions. The negative consequences of a security breach at these institutions can include a decline in the institution's reputation, loss of financial revenue, and exposure to lawsuits.

ISBN: 9781303728921Subjects--Topical Terms:

1017528
Information Science.

Validating the OCTAVE Allegro Information Systems Risk Assessment Methodology: A Case Study.
LDR:03465nmm a2200325 4500 001 2058160
005 20150630082852.5
008 170521s2014 ||||||||||||||||| ||eng d
020 $a 9781303728921
035 $a (MiAaPQ)AAI3611814
035 $a AAI3611814
040 $a MiAaPQ $c MiAaPQ
100 1 $a Keating, Corland G. $3 3172088
245 1 0 $a Validating the OCTAVE Allegro Information Systems Risk Assessment Methodology: A Case Study.
300 $a 130 p.
500 $a Source: Dissertation Abstracts International, Volume: 75-06(E), Section: A.
500 $a Adviser: Marlyn K. Littman.
502 $a Thesis (Ph.D.)--Nova Southeastern University, 2014.
506 $a This item must not be sold to any third party vendors.
520 $a An information system (IS) risk assessment is an important part of any successful security management strategy. Risk assessments help organizations to identify mission-critical IS assets and prioritize risk mitigation efforts. Many risk assessment methodologies, however, are complex and can only be completed successfully by highly qualified and experienced security experts. Small-sized organizations, including small-sized colleges and universities, due to their financial constraints and lack of IS security expertise, are challenged to conduct a risk assessment. Therefore, most small-sized colleges and universities do not perform IS risk assessments, which leaves the institution's data vulnerable to security incursions. The negative consequences of a security breach at these institutions can include a decline in the institution's reputation, loss of financial revenue, and exposure to lawsuits.
520 $a The goal of this research is to address the challenge of conducting IS risk assessments in small-sized colleges and universities by validating the use of the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Allegro risk assessment methodology at a small-sized university. OCTAVE Allegro is a streamlined risk assessment method created by Carnegie Mellon University's Software Engineering Institute. OCTAVE Allegro has the ability to provide robust risk assessment results, with a relatively small investment in time and resources, even for those organizations that do not have extensive risk management expertise.
520 $a The successful use of OCTAVE Allegro was validated using a case study that documented the process and outcome of conducting a risk assessment at George Fox University (GFU), a small-sized, private university located in Newberg, Oregon. GFU has the typical constraints of other small-sized universities; it has a relatively small information technology staff with limited expertise in conducting IS risk assessments and lacks a dedicated IS risk manager. Nevertheless, OCTAVE Allegro was relatively easy for GFU staff to understand, provided GFU with the ability to document the security requirements of their IS assets, helped to identify and evaluate IS security concerns, and provided an objective way to prioritize IS security projects. Thus, this research validates that OCTAVE Allegro is an appropriate and effective IS risk assessment method for small-sized colleges and universities.
590 $a School code: 1191.
650 4 $a Information Science. $3 1017528
650 4 $a Information Technology. $3 1030799
650 4 $a Computer Science. $3 626642
690 $a 0723
690 $a 0489
690 $a 0984
710 2 $a Nova Southeastern University. $b Information Systems (DISS). $3 1023901
773 0 $t Dissertation Abstracts International $g 75-06A(E).
790 $a 1191
791 $a Ph.D.
792 $a 2014
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3611814