How can information security risk assessment and monitoring be implemented in real time?

Abstract

This research thesis aims to answer a business need on the creation of an artifact in order to enable information security risk assessment in real time. This research takes a design science approach to create an artifact. Another question was answered regarding the possible competitive advantage of this artifact when implemented for an organiza-tion. Secondary data was collected through a literature review and varied key elements are defined in order to design the artifact. In addition, four main factors that lead to competitive advantage are described. Interviews are conducted in order to gather pri-mary data and validate the literature review as well as offering new business insights on the artifact design and their beliefs on the possible competitive advantage of such a process. The research concludes that the artifact design is coherent and experts agreed on its viability. Experts conclude that enabling such a risk assessment would lead to competitive advantage, only if the risk management is operated at a strategic level.

Prof. Dr. Anne-Françoise Rutkowski Prof. Dr. Patrick Rousseau Prof. Dr. Timo Leino