標題: A VIKOR technique based on DEMATEL and ANP for information security risk control assessment
作者: Yang, Yu-Ping Ou
Shieh, How-Ming
Tzeng, Gwo-Hshiung
科技管理研究所
Institute of Management of Technology
關鍵字: VIKOR;Analytic network process (ANP);DEMATEL;Multiple criteria decision making (MCDM);Information security;Risk control assessment
公開日期: 20-五月-2013
摘要: As companies and organizations have grown to rely on their computer systems and networks, the issue of information security management has become more significant. To maintain their competitiveness, enterprises should safeguard their information and try to eliminate the risk of information being compromised or reduce this risk to an acceptable level. This paper proposes an information security risk-control assessment model that could improve information security for these companies and organizations. We propose an MCDM model combining VIKOR, DEMATEL, and ANP to solve the problem of conflicting criteria that show dependence and feedback. In addition, an empirical application of evaluating the risk controls is used to illustrate the proposed method. The results show that our proposed method can be effective in helping IT managers validate the effectiveness of their risk controls. (C) 2011 Elsevier Inc. All rights reserved.
URI: http://dx.doi.org/10.1016/j.ins.2011.09.012
http://hdl.handle.net/11536/21342
ISSN: 0020-0255
DOI: 10.1016/j.ins.2011.09.012
期刊: INFORMATION SCIENCES
Volume: 232
Issue: 
起始頁: 482
結束頁: 500
顯示於類別:期刊論文


文件中的檔案:

  1. 000316774700032.pdf