NAGATA Kiyoshi   Faculty of Business Administration Department of Business Management   Professor

■ Title   Method to Select Effective Risk Mitigation Controls Using Fuzzy Outranking

■ Outline   In an information-oriented society, the security of information related assets in organizations is one of chief concerns and the importance of security evaluation system to grasp their security level is increasing. We also consider that the magnitude of risk to information assets is highly dependent on the scales, forms, treat etc. of the organization, and should be evaluated by reflecting these characteristics. Standing on this concept, we adopted OCTAVESM as the basic information system and already proposed two fuzzy-based methods integrated in it. One is to determine the set of critical assets using fuzzy decision making methodology by multi-participants. The other is to calculate the degree of risks along with the given threat path as a crisp value using fuzzy inference mechanism and so on. In this paper, we propose a system for selecting some mitigation controls considered to be more effective than others as an application of fuzzy outranking.   Kiyoshi Nagata, Michio Amagasa, Yutaka Kigawa, and Dongmei Cui   Collaboration   Proceedings of the 9th International Conference on Intelligent Systems Design and Applications, 30 November - 2 December, 2009, Pisa, Italy   pp.479-484   2009/11

Copyright(C) 2011 Daito Bunka University, All rights reserved.