Comparative Analysis of Risk Assessment During an Enterprise Information Security Audit
Title | Comparative Analysis of Risk Assessment During an Enterprise Information Security Audit |
Publication Type | Conference Paper |
Year of Publication | 2022 |
Authors | Alimzhanova, Zhanna; Tleubergen, Akzer; Zhunusbayeva, Salamat; Nazarbayev, Dauren |
Conference Name | 2022 International Conference on Smart Information Systems and Technologies (SIST) |
Date Published | April |
Keywords | Analytical models, Costs, expert systems, Human Behavior, Information security, information security audit, Organizations, Planning, pubcrawl, resilience, Resiliency, risk assessment, risk management, risks, Scalability, security, Security Audits, Time measurement, Vulnerability |
Abstract | This article discusses a threat and vulnerability analysis model that allows you to fully analyze the requirements related to information security in an organization and document the results of the analysis. The use of this method allows avoiding and preventing unnecessary costs for security measures arising from subjective risk assessment, planning and implementing protection at all stages of the information systems lifecycle, minimizing the time spent by an information security specialist during information system risk assessment procedures by automating this process and reducing the level of errors and professional skills of information security experts. In the initial sections, the common methods of risk analysis and risk assessment software are analyzed and conclusions are drawn based on the results of comparative analysis, calculations are carried out in accordance with the proposed model. |
DOI | 10.1109/SIST54437.2022.9945804 |
Citation Key | alimzhanova_comparative_2022 |