Date of Award


Document Type


Degree Name

Master of Science


Department of Systems Engineering and Management

First Advisor

David P. Biros, PhD


Information system (IS) incidents are on the rise. With low manning and undertrained information security specialists it is difficult for organizations to stop IS incidents from occurring. Once an incident has occurred it is the IS manager's responsibility to ensure that a full and accurate damage assessment has been accomplished. However, most IS managers lack the necessary tools to assess the damage from an incident. This exploratory thesis developed an IS incident damage assessment model (DAM) that can be part of the IS manager's tool kit. During the development of the model, it became apparent that the model was supported by a foundation of business processes. Therefore, the most important thing an IS manager can do is define their organization's business processes and bow they relate to information systems. The model is based on eight primary factors to considered: (1) recovery, (2) education/training, (3) business expenses, (4) productivity, (5) data, (6) lost revenue, (7) reputation, and (8) human life. Each factor is then further expanded into sub-factors that better define and explain the primary factors. These sub-factors can be directly mapped to business processes previously defined by the information system manager. The final product is an IS incident DAM tailored to the needs of the IS manager's organization.

AFIT Designator


DTIC Accession Number



The author's Vita page is omitted.