Open Conference Systems, ICQQMEAS2009

Font Size: 
Theodosios Tsiakis, Dimitrios Notaras, Dimitrios Panodimos

Last modified: 2015-09-17


Information Security is considered to be an inextricable part of companies’ expenditures and there are defined amounts that are invested for its accomplishment, although it is really difficult to determine the best Security Solution. The substantive problem of information security risk is value proportion of information properties or assets. Risk analysis can be approached from two evaluation models: the qualitative and the quantitative. Quantitative analysis refers to the use of numeric calculations and statistical techniques. Qualitative analysis describes methods that consider loss in a subjective form. Without measurement and metrics of information security we will not be able to estimate and process Information Security Strategies. The aims of this paper are to gain an understanding of Quantitative and Qualitative analysis and furthermore to both evaluate and improve the use of those methods

Full Text: PDF