Naslov
How to calculate information value for effective security risk assessment

Autori
Sajko, Mario ; Rabuzin, Kornelije ; Bača, Miroslav

Izvornik
Journal of information and organizational sciences (1846-3312) 30 (2006), 2; 263-278

Vrsta, podvrsta i kategorija rada
Radovi u časopisima, članak, ostalo

Ključne riječi
information value ; security risk assessment ; information evaluation

Sažetak
The actual problem of information security (infosec) risk assessment is determining the value of information property or asset. This is particularly manifested through the use of quantitative methodology in which it is necessary to state the information value in quantitative sizes. The aim of this paper is to describe the evaluation possibilities of business information values, and the criteria needed for determining importance of information. For this purpose, the dimensions of information values will be determined and the ways used to present the importance of information contents will be studied. There are two basic approaches that can be used in evaluation: qualitative and quantitative. Often they are combined to determine forms of information content. The proposed criterion is the three-dimension model, which combines the existing experiences (i.e. possible solutions for information value assessment) with our own criteria. An attempt for structuring information value in a business environment will be made as well.

Izvorni jezik
Engleski

POVEZANOST RADA