NCJ Number
88618
Date Published
1981
Length
14 pages
Annotation
The paper details the factors relating to risk in computer security particularly those of a covert nature which are difficult to assess.
Abstract
It examines the types of risk to which an organization is vulnerable in terms of their probability and criticality. The reasons why security is given low priority are reviewed, and research findings into why crimes are committed are reported. The different approaches to risk management are outlined. The question of where the responsibility for security lies is considered, and ways of establishing a review of security are given. The text notes that each organization has a whole range of risk management tools available. The starting point in every case is an objective and sensible estimate of what its particular tasks might be. Diagrams and four references are supplied. (Author abstract modified)