Date of Award
Master of Science
Department of Systems Engineering and Management
David P. Biros, PhD
Information system (IS) incidents are on the rise. With low manning and undertrained information security specialists it is difficult for organizations to stop IS incidents from occurring. Once an incident has occurred it is the IS manager's responsibility to ensure that a full and accurate damage assessment has been accomplished. However, most IS managers lack the necessary tools to assess the damage from an incident. This exploratory thesis developed an IS incident damage assessment model (DAM) that can be part of the IS manager's tool kit. During the development of the model, it became apparent that the model was supported by a foundation of business processes. Therefore, the most important thing an IS manager can do is define their organization's business processes and bow they relate to information systems. The model is based on eight primary factors to considered: (1) recovery, (2) education/training, (3) business expenses, (4) productivity, (5) data, (6) lost revenue, (7) reputation, and (8) human life. Each factor is then further expanded into sub-factors that better define and explain the primary factors. These sub-factors can be directly mapped to business processes previously defined by the information system manager. The final product is an IS incident DAM tailored to the needs of the IS manager's organization.
DTIC Accession Number
Horony, Mark D., "Information System Incidents: the Development of a Damage Assessment Model" (1999). Theses and Dissertations. 4808.