Fuzzified risk management: Selection of safeguards to minimize the maximum risk

Abstract: Threats can trigger incidents in information systems (IS) causing damage or intangible material loss to assets. A good selection of safeguards is critical for reducing risks caused by threats. This paper deals with the selection of failure transmission, preventive and palliative safeguards that minimize the maximum risk of an IS for a specified budget. We assume that all the elements in the IS are valuated using a linguistic scale, which is capable of accounting for imprecision and/or vaguene… Show more