The growing need for transparency in business negotiations requires greater control of technological risks. However, technological risk assessment tools currently available in the market are imprecise as they are based on the analysis of events that have already passed. The current paper describes a real-time, proactive risk analysis framework. We propose that instead of testing vulnerabilities from an external point of view, agents be incorporated and distributed into “actives” (hardware and software) so as to be able to provide application, confi guration and specifi c localization information. In this manner, changes noted will be divulged by the agent in an immediate and pro-active manner to a central repository. When vulnerabilities are detected, correction processes will be implemented automatically, permitting technological risks to be monitored in real-time.
Risk assessment, information security, real time, vulnerability analyst.
To return to the Volume/Number webpage, click here.
THE INTERNATIONAL JOURNAL OF FORENSIC COMPUTER SCIENCE - IJoFCS
Volume 2, Number 1, pp 75-88, DOI: 10.5769/J200701006 or http://dx.doi.org/10.5769/J200701006
A Framework for risk assessment of information technology in the corporate environment
By Laerte Peotta, and Paulo Gondim
To download this paper, click here