The design and development for risk analysis automatic tool

Abstract

In these days, many organizations try to manage their assets in safe way due to fast change in information-communication environment. The Chief information officer or the chief security officer of an organization recognized the necessity of the security infrastructure. In Korea, risk analysis and vulnerability analysis for security improvement of critical asset is booming by enforcement of Act on security of information and communication infrastructure. It is obligate that each critical information infrastructure needs to get vulnerability analysis. From this motive, there are many studies about risk analysis and try to research and develop right risk analysis methods. This is why we start the research to design and implementation for the practical risk analysis tools. In this paper, we proposed design and development of the risk analysis process, the risk analysis automatic tool and important modules such as interview, asset analysis, threat analysis and risk analysis. © Springer-Verlag 2004.