Decision Assistance in Risk Assessment – Monte Carlo Simulations

• Main Author: Emil BURTESCU
• Format: Article
• Language: English
• Published: Inforec Association 2012-01-01
• Series: Informatică economică
• Subjects: Security; Risk Analysis; Monte-Carlo Method; Likelihood; Impact; Loss
• Online Access: http://www.revistaie.ase.ro/content/64/10%20-%20Burtescu.pdf

High security must be a primary and permanent concern of the leadership of an organization and it must be ensured at any time. For this, a risk analysis is compulsory and imperative to be done during the risk management cycle. Security risk analysis and security risk management components mostly use estimative data during the whole extensive process. The further evolution of the events might not be reflected in the obtained results. If we were to think about the fact that hazard must be modeled, this concern is absolutely normal. Though, we must find a way to model the events that a company is exposed to, events that damage the informational security. In the following lines of this paper we will use the Monte-Carlo method in order to model a set of security parameters that are used in security risk analysis. The frequency of unwanted events, damages and their impact will represent our main focus and will be applied to both the quantitative and qualitative security risk analysis approach. The obtained results will act as a guide for experts to better allocation of resources for decreasing or eliminating the risk and will also represent a warning for the leadership about certain absolutely necessary investments.