Article details

Title: Application Development for Analyzing and Assessing Security Risks within an Organization
Author(s): Bogdan Ţigănoaia, Constantin Macari

Abstract: Security risk analysis is one of the main pillars in achieving the objectives of an organization. Effective risk management helps top management to make optimum security decisions. This paper presents aspects of risk management as well as the design and implementation of an automated system to identify, assess, and manage security risks across an organization and to provide countermeasures to them. There are some expensive software tools for risk management (some of them are presented in this paper), but an effort should be made to design such a tool in Romanian universities, and then in Romanian IT organizations.

Keywords: risk, security, management, software.

