Modeling The Impact Of Controls On Information System Risks

M. Ndaw, G. Mendy, S. Ouya
2016 Zenodo  
Information system risk management helps to reduce or eliminate risk by implementing appropriate controls. In this paper, we propose a quantification model of controls impact on information system risks by automatizing the residual criticality estimation step of FMECA which is based on a inductive reasoning. For this, we defined three equations based on type and maturity of controls. For testing, the values obtained with the model were compared to estimated values given by interlocutors during
more » ... terlocutors during different working sessions and the result is satisfactory. This model allows an optimal assessment of controls maturity and facilitates risk analysis of information system.
doi:10.5281/zenodo.1111964 fatcat:kmchjxix3ng4lnqd5vwcoesu4m