Download now Free registration required
Despite the availability of numerous methods and publications concerning the proper conduct of information security risk analyses, Small and Medium sized Enterprises (SMEs) face serious organizational challenges managing the deployment and use of these tools and methods to assist them in selecting and implementing security safeguards to prevent IS security compromises. This paper builds a case for and then outlines a possible approach and a multi-faceted research agenda for developing an "Open development" strategy to address recognized deficiencies in the area of risk analysis to include developing: a multi-level risk assessment methodology and set of decision heuristics designed to minimize the intellectual effort required to conduct SME infrastructure level risk assessments.
- Format: PDF
- Size: 113.4 KB