Skip to main content
Journal ArticleOPEN ACCESS

A protection profiles approach to Risk Analysis for Small and Medium Enterprises

IFIP Advances in Information and Communication Technology (2005) 193 267-283
DOI: 10.1007/0-387-31167-x_17
0Citations
Citations of this article
12Readers
Mendeley users who have this article in their library.

Abstract

Performing a Risk Analysis has long been considered necessary security practice for organisations, however surveys indicate that Small and Medium Enterprises do not tend to undertake one. Some of the main reasons behind this have been found to be the lack of funds, expertise and awareness within such organisations, this paper describes a methodology that aims to assess these issues and be appropriate for the needs of this SMEs by utilising a protection profiles and threat trees approach to perform the assessment instead of lengthy questionnaires and incorporating other elements such as financial considerations and creation of a security policy.

Author supplied keywords

Cite

CITATION STYLE

APA

Dimopoulos, V., & Furnell, S. (2005). A protection profiles approach to Risk Analysis for Small and Medium Enterprises. IFIP Advances in Information and Communication Technology, 193, 267–283. https://doi.org/10.1007/0-387-31167-x_17

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free