dc.contributor.advisor | Sviggum, Stian | |
dc.contributor.advisor | Flage, Roger | |
dc.contributor.author | Oredsson, Mattias | |
dc.date.accessioned | 2018-10-02T12:42:38Z | |
dc.date.available | 2018-10-02T12:42:38Z | |
dc.date.issued | 2018-06 | |
dc.identifier.uri | http://hdl.handle.net/11250/2565842 | |
dc.description | Master's thesis in Risk management | nb_NO |
dc.description.abstract | It is challenging to feed today’s information security risk assessments into an overall ERM framework such that it can be presented to stakeholders and management. This report evaluates current practice for information security risk assessment as represented by IRAM2, which is a recognised methodology. Weaknesses have been revealed in IRAM2 related to its incompatibility with other reporting methods, and in its calculation methods of information risks. Improvements have been proposed to the inherent limitations of the methodology, but also how to increase IRAM2’s compatibility with other risk management models. | nb_NO |
dc.language.iso | eng | nb_NO |
dc.publisher | University of Stavanger, Norway | nb_NO |
dc.relation.ispartofseries | Masteroppgave/UIS-TN-IØRP/2018; | |
dc.rights | Navngivelse 4.0 Internasjonal | * |
dc.rights.uri | http://creativecommons.org/licenses/by/4.0/deed.no | * |
dc.subject | risk management | nb_NO |
dc.subject | information security | nb_NO |
dc.subject | risk assessment | nb_NO |
dc.subject | IRAM2 | nb_NO |
dc.subject | risikostyring | nb_NO |
dc.subject | informasjonssikkerhet | nb_NO |
dc.subject | risikovurdering | nb_NO |
dc.title | Bridging the gap between information security risk assessments and enterprise risk management | nb_NO |
dc.title.alternative | How to ensure a balanced reporting of information security risks to the top management and the board | nb_NO |
dc.type | Master thesis | nb_NO |
dc.subject.nsi | VDP::Samfunnsvitenskap: 200 | nb_NO |