Publication details

Home Publications Publication details

Factors affecting the adoption of IT risk analysis
Dimopoulos V, Furnell SM, Barlow I, Lines BL
The 3rd European Conference on Information Warfare and Security
Royal Holloway, University of London, UK, 28-29 June, 2004
Download links:  Download PDF

Risk analysis is a necessary procedure for ensuring the appropriate protection of an organisation?s IT infrastructure. However, its adoption within small and medium enterprise environments is often limited, with typical constraints including lack of in-house expertise, funding, and awareness, as well as the complexity of existing tools. This paper assesses these factors, and proposes the
basis of an alternative methodology to enable small enterprises to conduct their own risk assessment. The proposal is based upon
the use of predetermined protection profiles for assets, personnel and countermeasure solutions.

Dimopoulos V, Furnell SM, Barlow I, Lines BL