Return to search

Information Security Risk Assessment Model ¡V A Case Study of a Semiconductor Assembly Company

The information security incidents have most often been reported. The loss of enterprise operation is more and more serious because of information security incidents. There are more and more operation risks happening inside the enterprise because of such informational and electronic transformation. Consequently, the requirement to have an effective management framework of information security is more and more urgent.
The research adopts the international standard ISO 27001 as the foundation of the information security management framework. And then, risk assessment is the main process of the informational security management framework. This process includes five stages: identification and classification of information assets, value evaluation of information assets, vulnerability assessment of information assets, threats assessment of information assets, and measurement of information security risks. The operational definition, implementation steps and measurement of the information security risks are worked out through review of relevant literature and interview with experts in the semiconductor assembly company. Finally, the experts of the consulting firm of the informational security are entrusted to verify the availability of the model. The result of this informational security risk assessment model will be used as the basis for future improvement.
It is hoped that this research can offer a guideline for the information security risk assessment suitable for the semiconductor company and can be used as a reference for internal auditors and management.

Identiferoai:union.ndltd.org:NSYSU/oai:NSYSU:etd-0730108-112423
Date30 July 2008
CreatorsHu, Ruei-shian
ContributorsFen-Hui Lin, Hsin-Hui Lin, Chia-Mei Chen
PublisherNSYSU
Source SetsNSYSU Electronic Thesis and Dissertation Archive
LanguageCholon
Detected LanguageEnglish
Typetext
Formatapplication/pdf
Sourcehttp://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0730108-112423
Rightscampus_withheld, Copyright information available at source archive

Page generated in 0.0022 seconds