A Holistic Risk Analysis Method for Identifying Information Security Risk [Foreign-Literature Translation]

Graduation Thesis: Foreign-Literature Translation

Original text

A HOLISTIC RISK ANALYSIS METHOD FOR IDENTIFYING INFORMATION SECURITY RISK

Janine L. Spears

The Pennsylvania State University, Smeal College of Business, University Park, PA 16802

Abstract: Risk analysis is used during the planning of information security to identify security requirements, and is also often used to determine the economic feasibility of security safeguards. The traditional method of conducting a risk analysis is technology-driven and has several shortcomings. First, its focus on technology is at the detriment of considering people and processes as significant sources of security risk. Second, an analysis driven by technical assets can be overly time-consum

Keywords: risk analysis, information security, risk management, business process, data flow diagram, risk scenario.

1. INTRODUCTION

Managing information security is essentially managing a form of risk. The management of risk generally involves conducting a risk analysis to identify and evaluate risks, and then employing risk management techniques to mitigate or reduce risks where deemed appropriate. Likewise, the standard approach to managing information security involves conducting a risk analysis to identify risks to confidentiality, integrity, and availability of information systems, which is followed by risk management wh

Traditional risk analysis methods applied to information systems focus foremost on technology with limited attention to people and processes.

However, an information system is comprised of technology, people, processes, and data. Therefore, an effective security risk analysis must examine each of these aspects. As such, traditional risk analysis methods are seen as inadequate (e.g., Halliday et al., 1996; Gerber and von Solms, 2005). This paper examines the traditional risk analysis method, along with its strengths and limitations, and then proposes an alternative holistic method that addresses these limitations.

The paper is organized as follows. The next section defines risk and describes the purpose of a risk analysis. §3 describes the traditional risk analysis method, along with its strengths and limitations. Next, a holistic risk analysis method is proposed in §4, followed by an example and the method's benefits. §5 describes evaluation criteria for a risk analysis and how they apply to the proposed method. §6 suggests future areas of research, followed by a conclusion in §7.

2. RISK ANALYSIS

Risk is defined as (a) the possibility of loss or injury, and (b) the liability for loss or injury if it occurs (Merriam-Webster Inc., 1996). Risk analysis, in the context of information security, "is the process of examining a system and its operational context to determine possible exposures and the potential harm they can cause" (Pfleeger and Pfleeger, 2003). Risk management involves using the output from risk analysis to determine the selection and implementation of controls (safeguards) to

Risk analysis has traditionally been used in business for analyzing financial instruments and insurance products (e.g., Baskerville, 1991; Barrese and Scordis, 2003; Gerber and von Solms, 2005). In both cases, risk

3. TRADITIONAL RISK ANALYSIS FOR INFORMATION SECURITY

The traditional method for conducting information security risk analysis is technology-driven (e.g., Halliday et al., 1996; Humphreys et al., 1998, p. 49; Gerber and von Solms, 2005) because it focuses primarily on known threats to types of computing assets employed by an organization. This is due in large part to the historical origin of widely used computer security guidelines (NIST, Common Criteria, RAND Corp., ISO 17799, SSE-CMM) that were initially developed for securing governmental and mili

For the purposes of this paper, the word traditional is used to denote risk analysis practices generally cited in the literature as being the conventional or common approach (e.g., Halliday et al., 1996; Kolokotronis et al., 2002; Suh and Han, 2003; Tan, 2003). Steps in a traditional risk analysis are summarized in Figure 1.

The first step when conducting a risk analysis is to identify the IT assets to be protected. IT assets generally include hardware, software, data, people, documentation, and applicable facilities (Suh and Han, 2003). Note that although people is typically included as a type of IT asset, traditional risk analysis places minimal emphasis on people and is typically concerned solely with user identification and authentication. However, risk may be incurred by the procedures that people use to handle

3.1 Strengths of Traditional Risk Analysis

The traditional risk analysis method for information security has several advantages. First, the method is widely known as the de facto standard taught in textbooks and endorsed by industry-accepted security guidelines (e.g., NIST, 2002; Pfleeger and Pfleeger, 2003).

Second, given that traditional risk analysis has focused primarily on technology, this aspect of security has been richly developed. For example, extensive lists of known threats and vulnerabilities to various technical assets are publicly available. These lists provide valuable guidance when conducting a risk analysis.

Third, automated software packages are available that perform the detailed calculations and manage the risk analysis data. These software packages are based on the traditional method of risk analysis.

Fourth, quantitative measures used in the traditional method can be used to support a cost-benefit analysis of investments in security safeguards. This is, of course, provided the calculations are reasonably accurate.

Finally, the traditional method of conducting a risk analysis for information security is closely related to risk analysis techniques employed in the financial and insurance sectors. This point, along with the mathematical foundation of the method, may add credibility.

3.2 Limitations of Traditional Risk Analysis

The traditional risk analysis method for information security has several key limitations. First, this technology-driven method places very limited emphasis on the people and process aspects of information systems. This is a major oversight, given that people and processes are widely considered to be the leading causes of security breaches (e.g., Siponen, 2000; Dhillon, 2001; Wade, 2004). In addition, there is no common approach to identifying which IT assets are to be included in the analysis.

Second, estimates of expected losses are based on the value of assets, and are widely inaccurate for a variety of reasons. Determining the value of intangible assets, such as information, is considered difficult, if not impossible, to estimate (Gerber and von Solms, 2005). Yet, information is one of the most important assets of an organization and is the focal point of information security. Estimates for the value of tangible assets may be inaccurate because in many cases only replacement costs

Third, probability estimates of the likelihood of an identified vulnerability being exploited are commonly considered to be wild guesswork. One reason for this is that likelihood is determined by past history of security breaches, and this is largely underreported (e.g., Strang, 2001; Yazar, 2002; Keeney et al., 2005). Another reason that estimates of likelihood of occurrence are inaccurate is because making a more accurate estimate requires a high level of expertise by the estimator (e.g., Gerber

A fourth limitation of the traditional method to risk analysis is the time and cost involved in conducting such an analysis. The bottom-up nature of the traditional method (i.e., driven from a micro, technology assets perspective) tends to be time-consuming, especially in medium to large organizations (Halliday et al., 1996). Significant amounts of time may be spent analyzing assets of low importance to critical business processes.

A fifth limitation to a technology-focused analysis is that it is often solely conducted by IT professionals. This is problematic because business users are not involved, which only contributes to a lack of security awareness across an organization. Equally important, risks inherent in business processes that may be identifiable by a business user may go undetected by an IT professional.

In summary, the traditional method of conducting risk analysis for information security employs calculations based largely on guesswork to estimate probability and financial loss of a security breach. Secondly, its focus on technology is at the detriment of considering people and processes as significant sources of security risk. Finally, an IT-centric approach to security risk analysis does not involve business users to the extent necessary to identify a comprehensive set of risks, or to promot

4. A PROPOSED HOLISTIC RISK ANALYSIS METHOD

A holistic risk analysis, as defined in this paper, is one that attempts to identify a comprehensive set of risks by focusing equally on technology, information, people, and processes. The method is also holistic in nature by receiving input from a variety of participants within the organization, coupled with input from (security) industry-accepted guidelines. The focus of this holistic method is on the identification of information security risks within critical business processes. Key aspects

Identifying risks that impact business processes provides a top-down analysis that defines the focus, scope, and relevance of the analysis. The proposed method, by its very nature, requires the involvement of a variety of senior management, business users and IT professionals. Once IT assets are identified and analyzed by participants, the method makes use of publicly available security checklists and guidelines (e.g., CERT, NIST) in order to capture known threats and vulnerabilities. Qualitativ

Translation:

A Holistic Risk Analysis Method for Identifying Information Security Risk

Janine L. Spears

(The Pennsylvania State University, Smeal College of Business, University Park, PA 16802)

Abstract: Risk analysis is used during information security planning to identify security requirements, and is also often used to determine the economic feasibility of security safeguards. The traditional method of analyzing risk is technology-driven and has several shortcomings. First, its focus on technology comes at the expense of considering people and processes as significant sources of security risk. Second, an analysis driven by technical assets is both overly time-consuming and overly costly. Third, the calculations used by the traditional risk analysis method rely largely on guesswork to estimate the probability and financial loss of a security breach. Finally, an IT-centric security risk analysis method does not involve business users to the extent needed to identify a complete set of risks or to promote security awareness across the whole organization. This paper proposes a holistic alternative risk analysis method. A holistic risk analysis, as defined in this paper, is one that attempts to identify a comprehensive set of risks by focusing equally on technology, information, people, and processes. The method is guided by the critical business processes, which provide the focus and relevance of the analysis. Its key aspects include a business-driven analysis, user participation, and the use of architecture and data flow diagrams as a means of identifying the relevant IT assets, with risk scenarios that capture procedural and security details, and qualitative estimates. The mix of people and tools involved in the analysis is expected to lead to a more comprehensive awareness of known risks and a significant increase in security awareness across the whole organization.

Keywords: risk analysis, information security, risk management, business process

1. Introduction

Managing information security is essentially managing a form of risk. Risk management generally involves conducting a risk analysis to identify and evaluate risks, and then applying risk management techniques to mitigate or reduce risks where appropriate. Likewise, the standard approach to managing information security involves a risk analysis to identify risks to the confidentiality, integrity, and availability of information systems, followed by risk management in which safeguards are used to reduce those risks.

Traditional risk analysis methods applied to information systems focus foremost on technology, with only limited attention to people and processes. An information system comprises technology, people, processes, and data, so an effective security risk analysis must examine each of these aspects. Traditional risk analysis methods are therefore considered inadequate in many respects (e.g., Halliday et al., 1996; Gerber and von Solms, 2005). This paper examines the traditional risk analysis method with its strengths and limitations, and proposes an alternative method that addresses these limitations holistically.

The paper is organized as follows. The next section defines risk and describes the purpose of risk analysis. §3 introduces the traditional risk analysis method together with its strengths and limitations. Next, §4 proposes a holistic risk analysis method, followed by an example and the method's benefits. §5 describes evaluation criteria for a risk analysis and how they apply to this method. §6 suggests future research areas, followed by the conclusion in §7.

2. Risk Analysis

Risk is defined as (a) the possibility of loss or injury, and (b) the liability for loss or injury if it occurs (Merriam-Webster Inc., 1996). Risk analysis, in the context of information security, "is the process of examining a system and its operational context to determine the exposures that may lead to risk and the potential harm they can cause" (Pfleeger and Pfleeger, 2003). Risk management involves using the output of the risk analysis to determine the selection and implementation of controls (safeguards) that reduce risk (Gerber and von Solms, 2005).

Risk analysis has traditionally been used in business for analyzing financial instruments and insurance products (e.g., Baskerville, 1991; Barrese and Scordis, 2003; Gerber and von Solms, 2005). In both cases, the risk analysis is a quantitative analysis of asset value, used to determine the viability of an investment in a financial instrument or an insurance product. Similarly, in information security, risk analysis is often used to determine the viability of investments in security safeguards that reduce information security risk (Alberts and Dorofee, 2001; Baskerville, 1991). Another key reason for conducting a risk analysis, and the focus of this paper, is to identify security requirements (ISO/IEC 17799).

3. Traditional Information Security Risk Analysis

The traditional method of information security risk analysis is technology-driven (e.g., Halliday et al., 1996; Humphreys et al., 1998, p. 49; Gerber and von Solms, 2005), because it focuses primarily on known threats to the types of computing assets an organization uses. This is due in large part to the historical origins of the widely used computer security guidelines (NIST, Common Criteria, RAND Corp., ISO 17799, SSE-CMM), which were initially developed to secure governmental and military computing infrastructure. Since these leading security guidelines were not originally developed for information systems in a business environment, they lack methods for identifying risks related to people (inside and outside the organization) and to business processes.

For the purposes of this paper, the word traditional denotes the risk analysis practices generally cited in the literature as the conventional or customary approach (e.g., Halliday et al., 1996; Kolokotronis et al., 2002; Suh and Han, 2003; Tan, 2003). The steps of a traditional risk analysis are shown in Figure 1.

The first step of a risk analysis is to identify the IT assets to be protected. IT assets generally include hardware, software, data, people, documentation, and applicable facilities (Suh and Han, 2003). Note that although people are usually included as a type of IT asset, traditional risk analysis usually pays minimal attention to people and is often concerned only with user identification and authentication. However, risk may be incurred by the procedures people use to handle information. Next, for each identified asset, threats (undesirable events that may occur) and vulnerabilities (existing weaknesses) to confidentiality, integrity, and availability are identified, usually by means of standard checklists (NIST, 2005) and the expertise of security analysts. Risk is then quantified as the likelihood (i.e., probability) that a security event occurs (i.e., that a vulnerability is exploited) multiplied by the expected monetary loss from such an event (risk = expected loss * probability). This formula is used in the cost-benefit analysis of safeguards that can reduce risk to an acceptable level (e.g., Pfleeger and Pfleeger, 2003; Tan, 2003; Gerber and von Solms, 2005).

3.1 Strengths of Traditional Risk Analysis

The traditional method of information security risk analysis has several advantages. First, the method is widely regarded as the de facto standard, taught in textbooks by well-known professors and endorsed by industry-accepted security guidelines (e.g., NIST, 2002; Pfleeger and Pfleeger, 2003).

Second, because traditional risk analysis focuses mainly on technology, this aspect of security has been richly developed. For example, extensive lists of known threats and vulnerabilities to various technical assets are publicly available. These lists provide valuable guidance when a risk analysis is conducted.

Third, automated software packages are now available that perform the detailed calculations and manage the risk analysis data. These packages are based on the traditional method of risk analysis.

Fourth, the quantitative measures used in the traditional method can support a cost-benefit analysis of investments in security safeguards, provided, of course, that the calculations are reasonably accurate.

Finally, the traditional method of information security risk analysis is closely related to the risk analysis techniques employed in the financial and insurance sectors. This point, together with the method's mathematical foundation, adds to its credibility.

3.2 Limitations of Traditional Risk Analysis

The traditional method of information security risk analysis has several major limitations. First, this technology-driven method gives only very limited attention to the people and process aspects of information systems. This is a major oversight, since people and processes are widely regarded as the main causes of security breaches (e.g., Siponen, 2000; Dhillon, 2001; Wade, 2004). In addition, there is no common approach to determining which IT assets are to be included in the analysis: an inventory of technical assets compiled by IT professionals may omit user-developed spreadsheets and applications that carry significant security risk, and specific confidential information whose protection must be maintained may likewise be overlooked.

Second, estimates of expected loss are based on asset value and are generally inaccurate for a variety of reasons. The value of intangible assets such as information is difficult, if not impossible, to estimate (Gerber and von Solms, 2005). Yet information is one of an organization's most important assets and is the focal point of information security. Estimates of the value of tangible assets may be inaccurate because only replacement costs are considered, which in many cases excludes the financial loss caused by disruption of operations (Suh and Han, 2003); where the cost of business operations is included in asset value, the estimate is highly subjective. Finally, expected financial loss based on asset value usually does not include the social impact of a possible breach, such as the loss of customer trust (Bennett and Kailay, 1992).

Third, probability estimates of the likelihood that an identified vulnerability will be exploited are commonly regarded as wild guesswork. One reason is that likelihood is determined from the past history of security breaches, which is largely underreported (e.g., Strang, 2001; Yazar, 2002; Keeney et al., 2005). Another reason that likelihood estimates are inaccurate is that making a more accurate estimate requires a high level of expertise on the estimator's part (e.g., Gerber and von Solms, 2005), which an organization may not have. See Baskerville (1991) for further discussion of the weaknesses inherent in the quantitative estimates of traditional risk analysis.

The fourth limitation of the traditional risk analysis method is the time and expense involved in conducting such an analysis. The bottom-up nature of the traditional method (i.e., driven from a micro, technology-asset perspective) tends to be very time-consuming, especially in medium and large organizations (e.g., Halliday et al., 1996). A great deal of time is spent analyzing assets that are of little importance to critical business processes.

The fifth limitation of a technology-focused analysis is that it is often conducted solely by IT professionals. This is problematic because business users are not involved, which only contributes to a lack of security awareness across the whole organization. Equally important, risks in business processes that a business user would recognize may go undetected by an IT professional.

In summary, the traditional method of information security risk analysis uses calculations that rely largely on guesswork to estimate the probability and financial loss of a security breach. Second, its focus on technology comes at the expense of considering people and processes as significant sources of security risk. Finally, an IT-centric security risk analysis method does not involve business users to the extent needed to identify a comprehensive set of risks or to promote security awareness across the whole organization.

4. A Proposed Holistic Risk Analysis Method

A holistic risk analysis, as defined in this paper, is one that attempts to identify a comprehensive set of risks by focusing equally on technology, information, people, and processes. The method is also holistic in that it receives input from a variety of participants within the organization, combined with input from (security) industry-accepted guidelines. The focus of this holistic method is the identification of information security risks within critical business processes. Its main components include user participation, a business-driven analysis, and the use of system diagrams as a means of extracting information about the relevant technical assets and analyzing it qualitatively.

Identifying the risks that affect business processes provides a top-down analysis that defines the focus, scope, and relevance of the analysis. By its very nature, the proposed method requires the participation of a variety of senior managers, business users, and IT professionals. Once the IT assets have been identified and analyzed by the participants
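The quantitative steps of the traditional method in section 3 (estimate loss and probability per asset, compute risk = expected loss × probability, then compare safeguards by cost-benefit) as an added Python example; it is not code from the paper or the thesis translation, and the asset register, loss figures, probabilities and safeguard costs are constructed for illustration. Re-ranking the safeguards while only the guessed disclosure probability varies shows the sensitivity to guesswork that section 3.2 describes.

```python
"""Traditional quantitative risk analysis as described in section 3: risk =
expected loss x probability, then a cost-benefit comparison of safeguards.
All assets, loss figures, probabilities and costs are constructed, not the paper's."""
from __future__ import annotations
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Exposure:
    asset: str
    threat: str
    expected_loss: float   # estimated monetary loss if the threat materialises
    probability: float     # estimated annual probability that it does

@dataclass(frozen=True)
class Safeguard:
    name: str
    annual_cost: float
    reductions: dict[str, float]   # threat -> fraction of its probability removed

def risk(e: Exposure) -> float:
    """Risk as the traditional method quantifies it: expected loss * probability."""
    return e.expected_loss * e.probability

def net_benefit(sg: Safeguard, exposures: list[Exposure]) -> float:
    """Annual risk removed by the safeguard minus its annual cost."""
    removed = sum(risk(e) * sg.reductions.get(e.threat, 0.0) for e in exposures)
    return removed - sg.annual_cost

def rank_safeguards(safeguards, exposures) -> list[Safeguard]:
    """Order safeguards by net benefit, best first, as the cost-benefit step does."""
    return sorted(safeguards, key=lambda s: net_benefit(s, exposures), reverse=True)

def best_safeguard_under(safeguards, exposures, threat, probabilities) -> dict[float, str]:
    """Re-run the ranking while varying one guessed probability; if the winner
    changes within a plausible range, the conclusion rests on guesswork (section 3.2)."""
    result = {}
    for p in probabilities:
        adjusted = [replace(e, probability=p) if e.threat == threat else e for e in exposures]
        result[p] = rank_safeguards(safeguards, adjusted)[0].name
    return result

# Constructed sample risk register and candidate safeguards (not from the paper).
EXPOSURES = [
    Exposure("customer database", "unauthorized disclosure", 500_000.0, 0.05),
    Exposure("order processing server", "denial of service", 40_000.0, 0.30),
]
SAFEGUARDS = [
    Safeguard("Data-at-rest encryption", 10_000.0, {"unauthorized disclosure": 0.6}),
    Safeguard("DoS mitigation service", 6_000.0, {"denial of service": 0.8}),
]

if __name__ == "__main__":
    for sg in rank_safeguards(SAFEGUARDS, EXPOSURES):
        print(f"{sg.name}: net benefit {net_benefit(sg, EXPOSURES):,.0f}")
    print(best_safeguard_under(SAFEGUARDS, EXPOSURES, "unauthorized disclosure", [0.01, 0.03, 0.05]))
```

With the constructed figures, encryption ranks first at a 5% disclosure probability but loses to the DoS service at 1% or 3%, so the ranking depends entirely on an estimate the paper calls guesswork.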
