ICDS 2014, The Eighth International Conference on Digital Society


A New Approach to Improve Accuracy in Information Security Risk Management

Authors:
Víctor Leonel Orozco López
Raul Ceretta Nunes

Keywords: Business continuity; security; risk assessment; accuracy; decision making

Abstract:
Risk management constitutes a basis for decision making in a business continuity plan, since it creates a view that makes it possible to identify and control risks that can compromise the assets of a given organization. Despite the existence of several methodologies to estimate the severity of these threats, previous evidence has demonstrated that the presence of human data sources for risk analysis can produce biased results, thus compromising business continuity as a result of misguided investments. In this work, we present an approach that reduces human biases by weighting risk evaluations using a reliability level of the sources, based on risk treatment performance. The experiments showed that the usage of reliability scores can effectively increase the accuracy of risk estimation, becoming a tool to minimize and/or eliminate those data sources that cause risk assessment results to deviate.

Pages: 222 to 228

Copyright: Copyright (c) IARIA, 2014

Publication date: March 23, 2014

Published in: conference

ISSN: 2308-3956

ISBN: 978-1-61208-324-7

Location: Barcelona, Spain

Dates: from March 23, 2014 to March 27, 2014