Abstract
The Risk Reduction Overview (RRO) method presents a comprehensible overview of the coherence of risks, measures and residual risks. The method is designed to support communication between different stakeholders in complex risk management. Seven reasons are addressed why risk management in IT security has many uncertainties and fast changing factors, four for IT security in general and three for large organizations specifically. The RRO visualization has been proven valuable to discuss, optimize, evaluate, and audit a design or a change in a complex environment. The method has been used, evaluated, and improved over the last six years in large government and military organizations. Seven areas in design and decision making are identified in which a RRO is found to be beneficial. Despite the widely accepted need for risk management we believe this is the first practical method that delivers a comprehensive overview that improves communication between different stakeholders.
Author supplied keywords
Cite
CITATION STYLE
Havinga, H. N. J., & Sessink, O. D. T. (2014). Risk reduction overview: A visualization method for risk management. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8708, pp. 239–249). Springer Verlag. https://doi.org/10.1007/978-3-319-10975-6_18
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
