A VIKOR technique based on DEMATEL and ANP for information security risk control assessment

被引：171

作者：

Yang, Yu-Ping Ou ^{[1
]}

Shieh, How-Ming ^{[1
,2
]}

Tzeng, Gwo-Hshiung ^{[3
,4
]}

机构：

[1] Natl Cent Univ, Dept Business Adm, Chung Li City 320, Taiwan

[2] Natl Cent Univ, Dept Informat Management, Chung Li City 320, Taiwan

[3] Kainan Univ, Dept Informat Management, Tao Yuan 338, Taiwan

[4] Natl Chiao Tung Univ, Inst Management Technol, Hsinchu 300, Taiwan

来源：

INFORMATION SCIENCES | 2013年 / 232卷

关键词：

VIKOR; Analytic network process (ANP); DEMATEL; Multiple criteria decision making (MCDM); Information security; Risk control assessment; ANALYTIC NETWORK PROCESS; SELECTION;

D O I：

10.1016/j.ins.2011.09.012

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

As companies and organizations have grown to rely on their computer systems and networks, the issue of information security management has become more significant. To maintain their competitiveness, enterprises should safeguard their information and try to eliminate the risk of information being compromised or reduce this risk to an acceptable level. This paper proposes an information security risk-control assessment model that could improve information security for these companies and organizations. We propose an MCDM model combining VIKOR, DEMATEL, and ANP to solve the problem of conflicting criteria that show dependence and feedback. In addition, an empirical application of evaluating the risk controls is used to illustrate the proposed method. The results show that our proposed method can be effective in helping IT managers validate the effectiveness of their risk controls. (C) 2011 Elsevier Inc. All rights reserved.

引用

页码：482 / 500

页数：19

共 50 条

[31] On the role of the Facilitator in information security risk assessment
Lizzie Coles-Kemp
Richard E. Overill
Journal in Computer Virology, 2007, 3 (2): : 143 - 148
[32] Risk assessment model of information security SVRAMIS
Wu, D. (jump_wude@163.com), 2013, Science Press (40): : 44 - 47+154
[33] Information Security Risk Assessment: A Method Comparison
Wangen, Gaute
COMPUTER, 2017, 50 (04) : 52 - 61
[34] Taxonomy of information security risk assessment (ISRA)
Shameli-Sendi, Alireza
Aghababaei-Barzegar, Rouzbeh
Cheriet, Mohamed
COMPUTERS & SECURITY, 2016, 57 : 14 - 30
[35] A Study of Information Security Evaluation and Risk Assessment
Li, Jingyi
Chao, Shiwei
Huo, Minxia
2015 FIFTH INTERNATIONAL CONFERENCE ON INSTRUMENTATION AND MEASUREMENT, COMPUTER, COMMUNICATION AND CONTROL (IMCCC), 2015, : 1909 - 1912
[36] Risk assessment of human error in information security
Cheng, Xiang-Yun
Wang, Ying-Mei
Xu, Zi-Ling
PROCEEDINGS OF 2006 INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND CYBERNETICS, VOLS 1-7, 2006, : 3573 - +
[37] A Hybrid MCDM for Private Primary School Assessment Using DEMATEL Based on ANP and Fuzzy Cognitive Map
Adil Baykasoglu
Zeynep D. U. Durmusoglu
International Journal of Computational Intelligence Systems, 2014, 7 : 615 - 635
[38] Urban Resilience Assessment Using Hybrid MCDM Model Based on DEMATEL-ANP Method (DANP)
Azadeh Jamali
Maryam Robati
Hanieh Nikoomaram
Forough Farsad
Hossein Aghamohammadi
Journal of the Indian Society of Remote Sensing, 2023, 51 : 893 - 915
[39] A framework and tool for the assessment of information security risk, the reduction of information security cost and the sustainability of information security culture
Govender S.G.
Kritzinger E.
Loock M.
Personal and Ubiquitous Computing, 2021, 25 (05) : 927 - 940
[40] Urban Resilience Assessment Using Hybrid MCDM Model Based on DEMATEL-ANP Method (DANP)
Jamali, Azadeh
Robati, Maryam
Nikoomaram, Hanieh
Farsad, Forough
Aghamohammadi, Hossein
JOURNAL OF THE INDIAN SOCIETY OF REMOTE SENSING, 2023, 51 (04) : 893 - 915

← 1 2 3 4 5 →