Information Security Risk Assessment: Bayesian Prioritization for AHP Group Decision Making
Increasing complexity of risk management requires the use of more flexible approaches to measure information security risk. Adapting complex risk analysis tools in today's information systems is a very difficult task due to the shortage of reliable data. Analytic Hierarchy Process Group Decision Making (AHP-GDM) offers a technical support for risk analysis by taking the judgements of managers and systematically calculating the relative risk values. This paper presents how Bayesian Prioritization Procedure (BPP) provides a more effective way of risk assessment than proposed by the conventional approaches used in AHP-GDM.