Security risk assessment framework provides comprehensive structure for security risk analysis that would help uncover systems’ threats and vulnerabilities. While security risk assessment is an important step in the security risk management process, this paper will focus only on the security risk assessment framework. Viewing issues that exist in a current framework, we have developed a new framework for security risk and vulnerabilities assessment by adding new components to the processes of the existing framework. The proposed framework will further enhance the outcome of the risk assessment, and improve the effectiveness of the current framework. To demonstrate the efficiency the proposed framework, a network security simulation as well as filed tests of an existing network where conducted.
T. Even, “A Unified Framework For Risk and Vulnerability Analysis Covering Both Safety and Securi-ty”, Reliability Engineering and System Safety, Vol. 92, No. 6, 2007, pp. 745-754. doi:10.1016/j.ress.2006.03.008
R. Olsson, “In Search of Opportunity Man-agement: Is the Risk Management Process Enough?” In-ternational Journal of Project Management, Vol. 25, No. 8, November 2007, pp. 745-752.
S. Bajpai, A. Sachdeva, J. Gupta, “Security Risk Assessment: Applying the Concept of Fuzzy Logic”, Journal of Hazardous Materials, Vol. 173, No. 1-3, Jan-uary 2010, pp.258-264.