Skip to main content
OSTI.GOVU.S. Department of Energy Office of Scientific and Technical Information
U.S. Department of Energy
Office of Scientific and Technical Information
 

Livermore Risk Analysis Methodology: A quantitative approach to management of the risk associated with the operation of information systems

Conference ·
OSTI ID:6635721
; ; ;
Risk assessment methods vary in nature and depth. Their application to the evaluation of information security issues should be decided on the basis of their capability to provide answers to practical and fundamental questions concerning the design and implementation of security controls in specific information systems. Quantitative risk analysis provides an objectively based approach to the problem of assessing and managing risk. As a decision making and risk assessment tool, it is not only capable of identifying potential losses that could be unacceptable for a given system, but it can be used to determine which specific security controls and countermeasures can be effective and cost justifiable. The Livermore Risk Analysis Methodology (LRAM) was developed to cover these objectives in a balanced and comprehensive way. Its model and procedures, from the identification of valuable assets to the prioritization and budgeting of proposed controls, are examined and discussed both from the technical and from the decision making/risk management perspectives.
Research Organization:
Lawrence Livermore National Lab., CA (USA)
DOE Contract Number:
W-7405-ENG-48
OSTI ID:
6635721
Report Number(s):
UCRL-95133; CONF-8610255-1; ON: DE87006828
Country of Publication:
United States
Language:
English

Similar Records

Related Subjects

99 GENERAL AND MISCELLANEOUS
990300* -- Information Handling
INFORMATION SYSTEMS
RISK ASSESSMENT
SECURITY