Selection of information security controls based on AHP and GRA
Files
(Published version)
Date
2014
Authors
Mani, D.
Mubarak, S.
Choo, K.K.
Editors
Advisors
Journal Title
Journal ISSN
Volume Title
Type:
Conference paper
Citation
Proceedings of the international workshop of information technology and internet finance, 2014, pp.1-12
Statement of Responsibility
Conference Name
International workshop of information technology and internet finance (25 Jun 2014 : Chengdu, China)
Abstract
An organisation dealing with or storing a customer's information needs to select appropriate technology controls to ensure the security and privacy of the data. Normally, organisations and particularly small and medium organisations (SMEs), buy a product based on the popularity of the product. However, choosing the wrong technological controls without analyzing the organisation's needs may lead to information leakage and consequently, result in customer loss, financial loss, and damage to reputation. When selecting appropriate technology controls, the organisation should analyse various criteria such as functionality, assurance, cost, quality, and ease of use for their suitability. This study proposes a multi-criteria decision-making process (MCDM) that integrates Analytic Hierarchy Process (AHP) and Grey Relational Analysis (GRA) design to assist organisations in selecting the best information security controls. A numerical example shows how this method can be used in real estate organisations for selecting the best information security controls.
School/Discipline
Dissertation Note
Provenance
Description
Access Status
Rights
Copyright 2014 The Authors