Article ID: | iaor20023644 |
Country: | United States |
Volume: | 7 |
Issue: | 2 |
Start Page Number: | 61 |
End Page Number: | 81 |
Publication Date: | Apr 2002 |
Journal: | Military Operations Research |
Authors: | Deckro Richard F., Kloeber Jack M., Hamill J. Todd, Kelso T.S. |
Keywords: | risk, information theory, computers: information |
As our reliance upon information systems for a multitude of vital operations increases, so do the concomitant vulnerabilities and risks associated with their operation and implementation. This problem, further complicated by the rapid growth and complexity in information technologies, requires efficient risk management within technical and/or fiscal constraints. This article presents potential improvements upon current risk management processes by incorporating value focused thinking into the process. In this approach, based on a test case with a DoD local area network, the value of the information served as a focal point for prioritizing vulnerabilities requiring remedy, thereby facilitating the efficient reduction of risk inherent in today's information systems.