Communications of the Association for Information Systems


This article presents a comprehensive method to assess system security risks. The method includes a cohesive set of steps that not only identify a more complete set of security risks but also assess them in a systematic manner. The method is based on the integration of two kinds of models: (1) qualitative models emphasizing security risk factors and security requirement determination and (2) quantitative models that focus on formal evaluation and assessment of system security risks. Unlike most existing methods, the proposed method covers the whole process of system security risk assessment, spanning all three phases: ascertainment of security requirements, measurement of evidence for security requirements, and evaluation of evidence against the needed security mechanisms. The article extends existing work on system security risk methods by incorporating the new ideas of a multifaceted security view and a work system into a coherent set of steps. The article demonstrates the application of the proposed method to a real application and discusses the major results.