Verification, Validation, and Evaluation in Information Security Risk Management

S. Fenz, A. Ekelhart:
"Verification, Validation, and Evaluation in Information Security Risk Management";
IEEE Security&Privacy,9(2011), 2; S. 58 - 65.

[ Publication Database ]

Abstract:


By surveying verification, validation and evaluation methods referenced in information security risk management (ISRM) literature, the authors discuss in which ISRM phases particular methods should be applied and demonstrate appropriate methods with a real-world example.