Abstract

This paper proposes a new assessment method within the integrated framework of risk analysis and the information security domain. Although a number of standards-based methods have been developed in relation to specific security objectives, structures and levels of application of information security, most do not comprehensively cover all pertinent security requirements. The loss of security requirements or objectives is likely to have different levels of effect on organizations or on individuals associated with the organization. The paper also aims to present a new integrated risk assessment framework that outlines practical guidelines to understand, assess and manage internal controls in order to comprehensively tackle information security breaches in organizations. The proposed method would highlight and evaluate expected risk scores and steer organizations towards identifying the most suitable mitigation plan to reduce or minimize the information security risk to an acceptable level.
