Fig. 1. Shifting the Risk Conversation
Fig. 2. Framework for Measuring Security Risk Appetite
Table 1. Definition of Risk Appetite
Table 2. Key Domain & Factor of Security Risk Appetite
Table 3. Focus Group Interview Members
Table 4. Review of Framework for Measuring of Security Risk Appetite using FGI
참고문헌
- J. D. Kim & C. G. Jin. (2016). International Standardization Trends and Issues of Cyber Resilience, Review of KIISC, 26(4), 11-15.
- Cybersecurity as a Growth Advantage. (2016). San Jose:CISCO.
- A new posture for cybersecurity in a networked world. (2018). New York:Mckinsey.
- COSO ERM Integrating with Strategy and Performance. (2017). California:COSO.
- G. Stoneburner, A. Goguen & A. Feringa. (2002). Risk Management Guide for Information Technology Systems: Recommendations of the National Institute of Standards and Technology. Gaithersburg:NIST.
- M. E. Whitman. (2003). Enemy at The Gate: Threats to Information Security. Communications of the ACM, 46(8), 91-95. https://doi.org/10.1145/859670.859675
- Achieving Resilience in the cyber ecosystem. (2014). London:Ernst & Young.
- Risk management 31000. (2018). ISO, Switzerland, ISBN 978-92-67-10784-4.
- ISO/IEC. ISO/IEC 27005:2014. (2014). Geneva:ISO.
- W. S. Kim & J. H. Min. (2018). A Practical Approach to Measuring the Risk Attitudes of Individual Investors. Journal of the Korean Operations Research and Management Science Society, 43(1), 1-19. https://doi.org/10.7737/JKORMS.2018.43.1.001
- J. G. March & Z. Shpira. (1987). Managerial Perspectives on risk and risk taking. Management Science, 33(11), 1404-1418. https://doi.org/10.1287/mnsc.33.11.1404
- C. E. Irwin Jr. (1993). Adolescence and risk taking: How are they related. Thousand Oaks:SAGE Publications.
- S. H. Joung & M. K. Shin. (2011). A Study on the Related Variables to Financial Risk Tolerance and the Ratio of Risky Asset Possession. Financial Planning Review, 4(4), 1-20.
- The Gartner Strategic Risk Evaluation Approach for Digital Business. (2014). Stamford:Gatner.
- B. Richard. (2016). Risk appetite - How hungry are you?. London:PwC.
- Risk appetite frameworks How to spot the genuine article. (2014). New York:Deloitte.
- P. Mukul. (2013). What Is Your Risk Appetite?. Illinois:ISACA.
- S. H. Jang & E. J. Yoon. (2016). A Comparative Study on the Awareness of Health Risks and the Risk Reduction Measures Related to Sodium Intake between Female and Male University Students in Busan and Gyeongnam : An Application of Protection Motivation Theory. Korean Journal of Food and Cookery Science, 32(1), 136-146. https://doi.org/10.9724/kfcs.2016.32.1.136
- R. W. Rogers. (1983). Cognitive and psychological processes in fear appeals and attitude change: A revised theory of protection motivation. Social psychophysiology: A sourcebook, 153-176.
- H. J. An, J. Y. Jang & B. S. Kim. (2015). Factors Drawing Members of a Financial Institution to Information Security Risk Management. Information Systems Review, 17(3), 39-64. https://doi.org/10.14329/isr.2015.17.3.039
- Y. M. Song & S. H. Kim. (2012). A Study on the Impact of the Security Risk Management Awareness Management in the Organization. Korean Association Of Industrial Business Administrarion, 425-440.
- David L. Morgan. (2007). Foucs groups as qualitative research. Seoul:KOONJA.
- D. Cabrera, J. T. Mandel & J. P. Andras. (2008). What is the crisis? efining and prioritizing the world's most pressing problems. Front Ecol Environ, 6(9), 469-475. https://doi.org/10.1890/070185