A. Ekelhart,S. Fenz
, T. Neubauer:
"Automated Risk and Utility Management
Vortrag: Sixth International Conference on Information Technology: New Generations (ITNG2009), Las Vegas, Nevada, USA; 27.04.2009 - 29.04.2009; in:"Proceedings of the Sixth International Conference on Information Technology: New Generations
", IEEE Computer Society, (2009), S. 393 - 398.
[ Publication Database
Information security breaches pose major threats to the reliable execution of corporate strategies and may have negative effects on business value. Information security risk management (ISRM) provides an effective approach for assessing, mitigating, and evaluating information security risks. Existing ISRM approaches are highly accepted but demand very detailed knowledge about the IT security domain and the actual company environment. This paper presents the AURUM prototype that supports decision makers in selecting security measures according to organization-specific technical and economical requirements.