Đang chuẩn bị liên kết để tải về tài liệu:
Risk Management in Environment Production and Economy Part 10

Không đóng trình duyệt đến khi xuất hiện nút TẢI XUỐNG

Tham khảo tài liệu 'risk management in environment production and economy part 10', kỹ thuật - công nghệ, cơ khí - chế tạo máy phục vụ nhu cầu học tập, nghiên cứu và làm việc hiệu quả | 169 A Comprehensive Risk Management Framework for Approaching the Return on Security Investment ROSI In the sequence to meet the goal of the chapter section 4 presented as proposal a comprehensive RM framework extending the traditional approaches in two phases clearly stated planning and monitoring of ROSI phase 3 and closing or extinction of the IT environment resulting in the archiving or discarding activities within the system Phase 5 -aligned to the SDLC addressed in NIST SP 800-21 NIST SP800-21 2005 . Finally section 5 has shown an analysis of ROSI application in RM including Key Benefits ROSI adds a deeper financial analysis phase in the selection of controls incorporating criteria such as loss of productivity business organizational interruption loss of intangible assets depreciation devaluation reconstruction recovery monitoring of investment compensation in a control etc ROSI allows to potentiate the saving of investments and cost-effectiveness for the controls With the collection of measures metrics associated with the controls it is possible to verify if the planning done for a given control will be fulfill or not Major limitations ROSI generates savings but neither revenue nor dividends arise from the invested financial value ROSI brings up an additional work phase on the traditional risk management model therefore making this framework more complex and quantitative ROSI is based on events or incidents have occurred in the past or on the notion of the current protection level for an IT environment thus it is not possible to assess the future trend of the attacks to verify if the investment compensation can occur in the short medium or long term. The following future works may be suggested an experimental analysis of ROSI approaches applied in IT environments to use forecasting techniques to know the behavior and volume of the security attacks thus helping to verify if the planning done for the ROSI will be confirmed before or after the defined deadline

Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.