Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Combining IRAM2 with Cost-BenefitAnalysis for Risk Management: Creating a hybrid method with traditional and economic aspects
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering.
2018 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

The aim of this thesis is to contribute to the risk methodology field by introducing a method

that covers both economic and information security aspects. The aim is to provide a way for

practitioners to get results that is enough for decision makers to make valid and well-grounded

decisions. There are a lot of traditional risk assessment methods that focus on information

security. There are also CBA (Cost-Benefit Analysis) methods that are used to make sure

investments are cost-effective and provide value for the organization. The aim of this thesis is to

combine those and see if they can be merged to one risk assessment method to increase the

value of the result. CBA will be added to a more traditional risk assessment method called

IRAM2. The thesis will evaluate if they are suited to be used together and if it provides a more

valuable result when combining them than only using one of them. The research method that

has been used in this study is ADR. It has been used as a way of working when producing a new

hybrid method together with some design principles regarding how to combine traditional risk

management with economic equations.

Place, publisher, year, edition, pages
2018. , p. 86
Keyword [en]
Risk management, CBA, IRAM2, Information security, Cost-effective, Cost-benefit analysis, Risk assessment
National Category
Other Computer and Information Science
Identifiers
URN: urn:nbn:se:ltu:diva-67511OAI: oai:DiVA.org:ltu-67511DiVA, id: diva2:1180133
Subject / course
Student thesis, at least 30 credits
Educational program
Information Security, master's level (120 credits)
Supervisors
Examiners
Available from: 2018-03-02 Created: 2018-02-05 Last updated: 2018-03-02Bibliographically approved

Open Access in DiVA

fulltext(2159 kB)94 downloads
File information
File name FULLTEXT01.pdfFile size 2159 kBChecksum SHA-512
d73e704ca8f3c8b749bb5c140c0523503b73d315ee6ebc47060ccb08d1bb9c18743bbb9906416b073d389daf05f9705531ef4c08a27c9ff069586f9caf3392b2
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Dehkhoda, Dorna
By organisation
Department of Computer Science, Electrical and Space Engineering
Other Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 94 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 56 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf