In the process of risk assessment of information system, the risk assessment method and model are the key point. This paper analyzes the risk assessment methods of the information system, and points out the limitations of some methods. Considering the grey and dynamic characteristics of the evaluation index, the evaluation model based on Entropy Method and Grey Theory is presented, and the validity of the method is demonstrated by an example.
Duan, Jinli and Zhang, Qishan, "An Assessment Model For Information System’s Risk Based On Entropy Method And Grey Theory" (2015). ICEB 2015 Proceedings. 3.