Multiobjective decision support in IT-risk management
- Autor(en)
- Christine Strauss, Christian Stummer
- Abstrakt
Security issues in information management are increasingly moving towards the centre of corporate interests. This paper presents a multiobjective modelling approach that interactively assists IT managers in their attempts to reduce a given risk by evaluating and selecting portfolios (i.e., bundles) of security measures. The proposed multi-step procedure identifies attractive portfolio candidates and finally establishes the "best" one with respect to the decision-maker¿s preferences. Our model and its possible application are demonstrated by means of a numerical example based on real-world data that evaluates the risk of hacking faced by a Local Area Network in an academic environment.
- Organisation(en)
- Institut für Rechnungswesen, Innovation und Strategie
- Journal
- International Journal of Information Technology and Decision Making
- Band
- 1
- Seiten
- 251-268
- Anzahl der Seiten
- 18
- ISSN
- 0219-6220
- Publikationsdatum
- 2002
- Peer-reviewed
- Ja
- ÖFOS 2012
- 502052 Betriebswirtschaftslehre, 102016 IT-Sicherheit, 502050 Wirtschaftsinformatik, 101015 Operations Research
- Link zum Portal
- https://ucrisportal.univie.ac.at/de/publications/d852a292-56af-4f7d-b1e7-bdfde569e779