期刊名称:TELKOMNIKA (Telecommunication Computing Electronics and Control)
印刷版ISSN:2302-9293
出版年度:2019
卷号:17
期号:3
页码:1324-1337
DOI:10.12928/telkomnika.v17i3.10050
出版社:Universitas Ahmad Dahlan
摘要:In many cases poor information quality appears mainly due to in-effectiveness of information
management including information production and delivery. Where this situation poses a certain risk.
A holistic information risk management model has been previously proposed. But the model has some
limitations especially on risk calculation and risk priority ranking as the model does not consider existing
control effectiveness. In this paper, a new risk assessment method is proposed in order to improve the
model of total impact of risks and to improve the accuracy of risk priority ranking by modifying the extended
risk matrix approach (RMA) where we take into account the existing control effectiveness. Using our
approach by adding a new dimension on extended RMA. We are able to improve the accuracy (7.15%)
and reduced the ambiguity (1.34) of assessment results on real cases illustration.
其他摘要:In many cases poor information quality appears mainly due to in-effectiveness of information management including information production and delivery. Where this situation poses a certain risk. A holistic information risk management model has been previously proposed. But the model has some limitations especially on risk calculation and risk priority ranking as the model does not consider existing control effectiveness. In this paper, a new risk assessment method is proposed in order to improve the model of total impact of risks and to improve the accuracy of risk priority ranking by modifying the extended risk matrix approach (RMA) where we take into account the existing control effectiveness. Using our approach by adding a new dimension on extended RMA. We are able to improve the accuracy (7.15%) and reduced the ambiguity (1.34) of assessment results on real cases illustration.
