@book{8cab04819c7948daaeaa4f8cef56b38b,
title = "Current established risk assessment methodologies and tools",
abstract = "The technology behind information systems evolves at an exponential rate, while at the same time becoming more and more ubiquitous. This brings with it an implicit rise in the average complexity of systems as well as the number of external interactions. In order to allow a proper assessment of the security of such (sub)systems, a whole arsenal of methodologies, methods and tools have been developed in recent years. However, most security auditors commonly use a very small subset of this collection, that best suits their needs. This thesis aims at uncovering the differences and limitations of the most common Risk Assessment frameworks, the conceptual models that support them, as well as the tools that implement them. This is done in order to gain a better understanding of the applicability of each method and/or tool and suggest guidelines to picking the most suitable one.",
keywords = "EWI-24541, EC Grant Agreement nr.: FP7/2007-2013, METIS-302885, EC Grant Agreement nr.: FP7/318003, Tools, RISK ASSESSMENT, SCS-Services, IR-89558, IS-SECURITY, SCS-Cybersecurity, Information Security, Information Systems, Framkeworks, Risk Management, Methodologies",
author = "Dan Ionita and Hartel, {Pieter H.} and Wolter Pieters and Wieringa, {Roelf J.}",
note = "Foreground = 100%; Type of activity = technical report; Main leader = UT; Type of audience = scientific community; Size of audience = n.a.; Countries addressed = international;",
year = "2013",
month = sep,
day = "1",
language = "Undefined",
series = "CTIT Technical Report Series",
publisher = "Centre for Telematics and Information Technology (CTIT)",
number = "TR-CTIT-14-04",
address = "Netherlands",
}