WO2002079907A3 - Overall risk in a system - Google Patents

Overall risk in a system Download PDF

Info

Publication number
WO2002079907A3
WO2002079907A3 PCT/US2002/010143 US0210143W WO02079907A3 WO 2002079907 A3 WO2002079907 A3 WO 2002079907A3 US 0210143 W US0210143 W US 0210143W WO 02079907 A3 WO02079907 A3 WO 02079907A3
Authority
WO
WIPO (PCT)
Prior art keywords
risk
overall
overall risk
preferably includes
value
Prior art date
Application number
PCT/US2002/010143
Other languages
French (fr)
Other versions
WO2002079907A8 (en
WO2002079907A2 (en
Inventor
Nicholas Heinrich
Original Assignee
Accenture Llp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Accenture Llp filed Critical Accenture Llp
Priority to AU2002256018A priority Critical patent/AU2002256018A1/en
Publication of WO2002079907A2 publication Critical patent/WO2002079907A2/en
Publication of WO2002079907A8 publication Critical patent/WO2002079907A8/en
Publication of WO2002079907A3 publication Critical patent/WO2002079907A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/08Insurance
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0635Risk analysis of enterprise or organisation activities

Abstract

A computer-implemented method and system for assessing the overall risk in at least part or an information technology system includes inputting into a risk assessment database a plurality of identified risks in a system; associating the risks to at least one severity band in a risk echelon; assigning a value to each risk; multiplying each risk value by a coefficient factor; and summing the factored risk values to determine the overall risk. The method preferably includes modifying the security implementation of the information technology system and determining the modified overall risk. The system preferably includes an automated vulnerability detection scanner to gather risk information, which is stored on a database and used in calculating the overall risk.
PCT/US2002/010143 2001-03-29 2002-03-29 Overall risk in a system WO2002079907A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2002256018A AU2002256018A1 (en) 2001-03-29 2002-03-29 Overall risk in a system

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US27998701P 2001-03-29 2001-03-29
US60/279,987 2001-03-29
US10/113,202 US6895383B2 (en) 2001-03-29 2002-03-29 Overall risk in a system
US10/113,202 2002-03-29

Publications (3)

Publication Number Publication Date
WO2002079907A2 WO2002079907A2 (en) 2002-10-10
WO2002079907A8 WO2002079907A8 (en) 2003-02-20
WO2002079907A3 true WO2002079907A3 (en) 2004-02-26

Family

ID=26810794

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2002/010143 WO2002079907A2 (en) 2001-03-29 2002-03-29 Overall risk in a system

Country Status (3)

Country Link
US (2) US6895383B2 (en)
AU (1) AU2002256018A1 (en)
WO (1) WO2002079907A2 (en)

Families Citing this family (205)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7809642B1 (en) 1998-06-22 2010-10-05 Jpmorgan Chase Bank, N.A. Debit purchasing of stored value card for use by and/or delivery to others
US6615189B1 (en) 1998-06-22 2003-09-02 Bank One, Delaware, National Association Debit purchasing of stored value card for use by and/or delivery to others
US6032136A (en) * 1998-11-17 2000-02-29 First Usa Bank, N.A. Customer activated multi-value (CAM) card
US7660763B1 (en) 1998-11-17 2010-02-09 Jpmorgan Chase Bank, N.A. Customer activated multi-value (CAM) card
US8793160B2 (en) 1999-12-07 2014-07-29 Steve Sorem System and method for processing transactions
US7113914B1 (en) * 2000-04-07 2006-09-26 Jpmorgan Chase Bank, N.A. Method and system for managing risks
US6993448B2 (en) * 2000-08-09 2006-01-31 Telos Corporation System, method and medium for certifying and accrediting requirements compliance
US7380270B2 (en) * 2000-08-09 2008-05-27 Telos Corporation Enhanced system, method and medium for certifying and accrediting requirements compliance
US7882555B2 (en) * 2001-03-16 2011-02-01 Kavado, Inc. Application layer security method and system
US7313546B2 (en) 2001-05-23 2007-12-25 Jp Morgan Chase Bank, N.A. System and method for currency selectable stored value instrument
US8004971B1 (en) 2001-05-24 2011-08-23 F5 Networks, Inc. Method and system for scaling network traffic managers using connection keys
US7102996B1 (en) 2001-05-24 2006-09-05 F5 Networks, Inc. Method and system for scaling network traffic managers
FR2826811B1 (en) * 2001-06-27 2003-11-07 France Telecom CRYPTOGRAPHIC AUTHENTICATION PROCESS
WO2003010701A1 (en) 2001-07-24 2003-02-06 First Usa Bank, N.A. Multiple account card and transaction routing
JP3842592B2 (en) * 2001-07-26 2006-11-08 株式会社東芝 Change risk measurement system, change risk measurement method, and change risk measurement program
US8020754B2 (en) 2001-08-13 2011-09-20 Jpmorgan Chase Bank, N.A. System and method for funding a collective account by use of an electronic tag
US7306141B1 (en) * 2001-08-13 2007-12-11 Jpmorgan Chase Bank, N.A. System and method for funding a collective account by use of an electronic tag
US7359865B1 (en) * 2001-11-05 2008-04-15 I2 Technologies Us, Inc. Generating a risk assessment regarding a software implementation project
JP2003186696A (en) * 2001-12-13 2003-07-04 Nec Corp Method for diagnosing system risk, and program and device therefor
US7543056B2 (en) 2002-01-15 2009-06-02 Mcafee, Inc. System and method for network vulnerability detection and reporting
US7243148B2 (en) * 2002-01-15 2007-07-10 Mcafee, Inc. System and method for network vulnerability detection and reporting
US7257630B2 (en) 2002-01-15 2007-08-14 Mcafee, Inc. System and method for network vulnerability detection and reporting
US7664845B2 (en) * 2002-01-15 2010-02-16 Mcafee, Inc. System and method for network vulnerability detection and reporting
US7930230B2 (en) 2002-02-13 2011-04-19 Sap Ag Methods and systems for risk evaluation
EP1336927A1 (en) * 2002-02-13 2003-08-20 Sap Ag Method and system for risk evaluation
US20030154269A1 (en) * 2002-02-14 2003-08-14 Nyanchama Matunda G. Method and system for quantitatively assessing computer network vulnerability
US7756896B1 (en) 2002-03-11 2010-07-13 Jp Morgan Chase Bank System and method for multi-dimensional risk analysis
US7899753B1 (en) 2002-03-25 2011-03-01 Jpmorgan Chase Bank, N.A Systems and methods for time variable financial authentication
AU2003230751A1 (en) 2002-03-29 2003-10-13 Bank One, Delaware, N.A. System and process for performing purchase transaction using tokens
US20040210498A1 (en) 2002-03-29 2004-10-21 Bank One, National Association Method and system for performing purchase and other transactions using tokens with multiple chips
US7552480B1 (en) * 2002-04-23 2009-06-23 Citibank, N.A. Method and system of assessing risk using a one-dimensional risk assessment model
IL149583A0 (en) * 2002-05-09 2003-07-06 Kavado Israel Ltd Method for automatic setting and updating of a security policy
JP4033291B2 (en) * 2002-05-29 2008-01-16 株式会社日立製作所 Project risk management system
US7512543B2 (en) * 2002-05-29 2009-03-31 Schlumberger Technology Corporation Tools for decision-making in reservoir risk management
BR0215761A (en) * 2002-06-18 2006-11-28 Computer Ass Think Inc methods and systems for managing enterprise resources
US8239304B1 (en) 2002-07-29 2012-08-07 Jpmorgan Chase Bank, N.A. Method and system for providing pre-approved targeted products
US7809595B2 (en) 2002-09-17 2010-10-05 Jpmorgan Chase Bank, Na System and method for managing risks associated with outside service providers
US7472421B2 (en) * 2002-09-30 2008-12-30 Electronic Data Systems Corporation Computer model of security risks
US8407798B1 (en) 2002-10-01 2013-03-26 Skybox Secutiry Inc. Method for simulation aided security event management
US8359650B2 (en) * 2002-10-01 2013-01-22 Skybox Secutiry Inc. System, method and computer readable medium for evaluating potential attacks of worms
US6980927B2 (en) * 2002-11-27 2005-12-27 Telos Corporation Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing continuous risk assessment
US6983221B2 (en) * 2002-11-27 2006-01-03 Telos Corporation Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing robust risk assessment model
US20040103309A1 (en) * 2002-11-27 2004-05-27 Tracy Richard P. Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing threat vulnerability feed
JP2006518080A (en) * 2003-02-14 2006-08-03 プリベンシス,インコーポレイティド Network audit and policy assurance system
SG115533A1 (en) * 2003-04-01 2005-10-28 Maximus Consulting Pte Ltd Risk control system
US7739494B1 (en) 2003-04-25 2010-06-15 Symantec Corporation SSL validation and stripping using trustworthiness factors
US8185747B2 (en) * 2003-05-22 2012-05-22 Access Security Protection, Llc Methods of registration for programs using verification processes with biometrics for fraud management and enhanced security protection
US8306907B2 (en) 2003-05-30 2012-11-06 Jpmorgan Chase Bank N.A. System and method for offering risk-based interest rates in a credit instrument
US8010387B2 (en) * 2003-06-04 2011-08-30 California Institute Of Technology Method, computer program product, and system for risk management
AU2004248608A1 (en) * 2003-06-09 2004-12-23 Greenline Systems, Inc. A system and method for risk detection, reporting and infrastructure
US8769680B2 (en) * 2003-06-12 2014-07-01 International Business Machines Corporation Alert passwords for detecting password attacks on systems
US20070113272A2 (en) 2003-07-01 2007-05-17 Securityprofiling, Inc. Real-time vulnerability monitoring
US9118711B2 (en) 2003-07-01 2015-08-25 Securityprofiling, Llc Anti-vulnerability system, method, and computer program product
US9350752B2 (en) 2003-07-01 2016-05-24 Securityprofiling, Llc Anti-vulnerability system, method, and computer program product
US9118708B2 (en) 2003-07-01 2015-08-25 Securityprofiling, Llc Multi-path remediation
US9118710B2 (en) 2003-07-01 2015-08-25 Securityprofiling, Llc System, method, and computer program product for reporting an occurrence in different manners
US9118709B2 (en) 2003-07-01 2015-08-25 Securityprofiling, Llc Anti-vulnerability system, method, and computer program product
US8984644B2 (en) 2003-07-01 2015-03-17 Securityprofiling, Llc Anti-vulnerability system, method, and computer program product
US9100431B2 (en) 2003-07-01 2015-08-04 Securityprofiling, Llc Computer program product and apparatus for multi-path remediation
US7953663B1 (en) 2003-09-04 2011-05-31 Jpmorgan Chase Bank, N.A. System and method for financial instrument pre-qualification and offering
US7698148B2 (en) * 2003-09-12 2010-04-13 Raytheon Company Web-based risk management tool and method
US8214906B2 (en) * 2003-10-21 2012-07-03 International Business Machines Corporation System, method and program product to determine security risk of an application
US20050096953A1 (en) * 2003-11-01 2005-05-05 Ge Medical Systems Global Technology Co., Llc Methods and apparatus for predictive service for information technology resource outages
US7526806B2 (en) * 2003-11-05 2009-04-28 Cisco Technology, Inc. Method and system for addressing intrusion attacks on a computer system
US20050102534A1 (en) * 2003-11-12 2005-05-12 Wong Joseph D. System and method for auditing the security of an enterprise
US20050137918A1 (en) * 2003-12-17 2005-06-23 International Business Machines Corporation Method, system and program product for assessing an enterprise architecture
US7797752B1 (en) * 2003-12-17 2010-09-14 Vimal Vaidya Method and apparatus to secure a computing environment
US8136163B2 (en) * 2004-01-16 2012-03-13 International Business Machines Corporation Method, apparatus and program storage device for providing automated tracking of security vulnerabilities
US8201257B1 (en) 2004-03-31 2012-06-12 Mcafee, Inc. System and method of managing network security risks
US7084760B2 (en) * 2004-05-04 2006-08-01 International Business Machines Corporation System, method, and program product for managing an intrusion detection system
US8050951B2 (en) * 2004-06-04 2011-11-01 California Institute Of Technology Method, computer program product, and system for risk management
US8020210B2 (en) * 2004-06-09 2011-09-13 Verizon Patent And Licensing Inc. System and method for assessing risk to a collection of information resources
JP2005352742A (en) * 2004-06-10 2005-12-22 Hitachi Ltd Simulation program and simulation apparatus
US7899516B2 (en) * 2004-06-23 2011-03-01 M2S, Inc. Method and apparatus for determining the risk of rupture of a blood vessel using the contiguous element defined area
JP2008510499A (en) * 2004-06-23 2008-04-10 エムツーエス・インコーポレーテッド Anatomical visualization / measurement system
US8677496B2 (en) * 2004-07-15 2014-03-18 AlgoSec Systems Ltd. Method and apparatus for automatic risk assessment of a firewall configuration
US20060015934A1 (en) * 2004-07-15 2006-01-19 Algorithmic Security Inc Method and apparatus for automatic risk assessment of a firewall configuration
US7392222B1 (en) 2004-08-03 2008-06-24 Jpmorgan Chase Bank, N.A. System and method for providing promotional pricing
US8312549B2 (en) * 2004-09-24 2012-11-13 Ygor Goldberg Practical threat analysis
CA2590926A1 (en) * 2004-12-13 2006-06-22 Lawrence R. Guinta Critically/vulnerability/risk logic analysis methodology for business enterprise and cyber security
US7895650B1 (en) * 2004-12-15 2011-02-22 Symantec Corporation File system based risk profile transfer
DE102004061344A1 (en) * 2004-12-20 2006-07-06 Siemens Ag Method for the safe design of a system, associated system component and software
US20060161471A1 (en) * 2005-01-19 2006-07-20 Microsoft Corporation System and method for multi-dimensional average-weighted banding status and scoring
US7272582B2 (en) * 2005-02-10 2007-09-18 Data Gater, Llc Fee determination device
US7743421B2 (en) 2005-05-18 2010-06-22 Alcatel Lucent Communication network security risk exposure management systems and methods
US7401731B1 (en) 2005-05-27 2008-07-22 Jpmorgan Chase Bank, Na Method and system for implementing a card product with multiple customized relationships
US20060277080A1 (en) * 2005-06-03 2006-12-07 Demartine Patrick Method and system for automatically testing information technology control
GB2427048A (en) 2005-06-09 2006-12-13 Avecho Group Ltd Detection of unwanted code or data in electronic mail
US20070006315A1 (en) * 2005-07-01 2007-01-04 Firas Bushnaq Network asset security risk surface assessment apparatus and method
US7860765B2 (en) * 2005-09-07 2010-12-28 International Business Machines Corporation System and method for assessing risks of a software solution for a customer
US8438643B2 (en) * 2005-09-22 2013-05-07 Alcatel Lucent Information system service-level security risk analysis
US8095984B2 (en) 2005-09-22 2012-01-10 Alcatel Lucent Systems and methods of associating security vulnerabilities and assets
US8544098B2 (en) 2005-09-22 2013-09-24 Alcatel Lucent Security vulnerability information aggregation
US20070067845A1 (en) * 2005-09-22 2007-03-22 Alcatel Application of cut-sets to network interdependency security risk assessment
US20070106599A1 (en) * 2005-11-07 2007-05-10 Prolify Ltd. Method and apparatus for dynamic risk assessment
US20070180101A1 (en) * 2006-01-10 2007-08-02 A10 Networks Inc. System and method for storing data-network activity information
US10083481B2 (en) 2006-02-02 2018-09-25 Oracle America, Inc. IT risk management framework and methods
US7784682B2 (en) 2006-02-08 2010-08-31 Jpmorgan Chase Bank, N.A. System and method for granting promotional rewards to both customers and non-customers
US8408455B1 (en) 2006-02-08 2013-04-02 Jpmorgan Chase Bank, N.A. System and method for granting promotional rewards to both customers and non-customers
DE502007004858D1 (en) * 2006-03-23 2010-10-07 Fujitsu Technology Solutions I METHOD AND MANAGEMENT SYSTEM FOR CONFIGURING AN INFORMATION SYSTEM
US8261181B2 (en) 2006-03-30 2012-09-04 Microsoft Corporation Multidimensional metrics-based annotation
US7840896B2 (en) 2006-03-30 2010-11-23 Microsoft Corporation Definition and instantiation of metric based business logic reports
US7716592B2 (en) * 2006-03-30 2010-05-11 Microsoft Corporation Automated generation of dashboards for scorecard metrics and subordinate reporting
US7753259B1 (en) 2006-04-13 2010-07-13 Jpmorgan Chase Bank, N.A. System and method for granting promotional rewards to both customers and non-customers
US8190992B2 (en) 2006-04-21 2012-05-29 Microsoft Corporation Grouping and display of logically defined reports
US7716571B2 (en) 2006-04-27 2010-05-11 Microsoft Corporation Multidimensional scorecard header definition
US8151322B2 (en) 2006-05-16 2012-04-03 A10 Networks, Inc. Systems and methods for user access authentication based on network access point
US7769684B2 (en) * 2006-05-19 2010-08-03 Accenture Global Services Gmbh Semi-quantitative risk analysis
US7752125B1 (en) * 2006-05-24 2010-07-06 Pravin Kothari Automated enterprise risk assessment
US7552126B2 (en) * 2006-06-02 2009-06-23 A10 Networks, Inc. Access record gateway
US7971252B2 (en) 2006-06-09 2011-06-28 Massachusetts Institute Of Technology Generating a multiple-prerequisite attack graph
US8332947B1 (en) * 2006-06-27 2012-12-11 Symantec Corporation Security threat reporting in light of local security tools
US7571109B2 (en) * 2006-07-14 2009-08-04 Fawls Robert A System and method for assessing operational process risk and quality by calculating operational value at risk
US20080077608A1 (en) * 2006-08-31 2008-03-27 Caterpillar Inc. System and method for appraising risk
US8935380B2 (en) * 2006-09-22 2015-01-13 Oracle America, Inc. Automated product knowledge catalog
US7716378B2 (en) 2006-10-17 2010-05-11 A10 Networks, Inc. System and method to associate a private user identity with a public user identity
US8312507B2 (en) 2006-10-17 2012-11-13 A10 Networks, Inc. System and method to apply network traffic policy to an application session
US9729513B2 (en) 2007-11-08 2017-08-08 Glasswall (Ip) Limited Using multiple layers of policy management to manage risk
US7937353B2 (en) * 2007-01-15 2011-05-03 International Business Machines Corporation Method and system for determining whether to alter a firewall configuration
US9058307B2 (en) 2007-01-26 2015-06-16 Microsoft Technology Licensing, Llc Presentation generation using scorecard elements
US8321805B2 (en) 2007-01-30 2012-11-27 Microsoft Corporation Service architecture based metric views
US8495663B2 (en) 2007-02-02 2013-07-23 Microsoft Corporation Real time collaboration using embedded data visualizations
US7900259B2 (en) * 2007-03-16 2011-03-01 Prevari Predictive assessment of network risks
US8744894B2 (en) * 2007-04-30 2014-06-03 Evantix Grc, Llc Method and system for assessing, managing, and monitoring information technology risk
US8782771B2 (en) * 2007-06-19 2014-07-15 Rockwell Automation Technologies, Inc. Real-time industrial firewall
US8676642B1 (en) 2007-07-05 2014-03-18 Jpmorgan Chase Bank, N.A. System and method for granting promotional rewards to financial account holders
US8266682B2 (en) * 2007-08-20 2012-09-11 Ebay Inc. System and methods for weak authentication data reinforcement
US20110047114A1 (en) * 2007-10-03 2011-02-24 Acuity Risk Management Llp Method, apparatus and computer program for enabling management of risk and/or opportunity
US8417601B1 (en) 2007-10-18 2013-04-09 Jpmorgan Chase Bank, N.A. Variable rate payment card
US20090018885A1 (en) * 2007-11-21 2009-01-15 Parales Joseph D Risk management and compliance system and related methods
US8478627B2 (en) * 2008-02-28 2013-07-02 International Business Machines Corporation Method for reducing risk associated with a task
US8170903B2 (en) * 2008-04-10 2012-05-01 Computer Associates Think, Inc. System and method for weighting configuration item relationships supporting business critical impact analysis
US20090276259A1 (en) * 2008-05-02 2009-11-05 Karol Bliznak Aggregating risk in an enterprise strategy and performance management system
US8255881B2 (en) * 2008-06-19 2012-08-28 Caterpillar Inc. System and method for calculating software certification risks
US8131615B2 (en) * 2008-06-27 2012-03-06 Fair Isaac Corporation Incremental factorization-based smoothing of sparse multi-dimensional risk tables
US20090327921A1 (en) * 2008-06-27 2009-12-31 Microsoft Corporation Animation to visualize changes and interrelationships
US20090327000A1 (en) * 2008-06-30 2009-12-31 Davis Trevor A Managing Change Requests in an Enterprise
WO2010019461A2 (en) * 2008-08-15 2010-02-18 Raytheon Company Method and apparatus for critical infrastructure protection
US8112304B2 (en) * 2008-08-15 2012-02-07 Raytheon Company Method of risk management across a mission support network
US20100145750A1 (en) * 2008-12-09 2010-06-10 International Business Machines Corporation Evaluating Service Oriented Architecture Governance Maturity
US8244548B2 (en) * 2008-12-18 2012-08-14 International Business Machines Corporation Augmenting service oriented architecture governance maturity
JP4469910B1 (en) * 2008-12-24 2010-06-02 株式会社東芝 Security measure function evaluation program
US8516312B2 (en) * 2009-03-16 2013-08-20 Peter Beasley Behavior-based invention for predicting and avoiding network downtime
US20100241478A1 (en) * 2009-03-20 2010-09-23 Mehmet Sahinoglu Method of automating security risk assessment and management with a cost-optimized allocation plan
US8682708B2 (en) * 2009-10-29 2014-03-25 Bank Of America Corporation Reputation risk framework
US9754225B2 (en) * 2010-03-22 2017-09-05 Micro Focus Software Inc. Automated risk assessment and management
CN102214348A (en) * 2010-04-07 2011-10-12 Sap股份公司 Data management for top-down risk-based auditing approach
JP5581162B2 (en) * 2010-09-29 2014-08-27 株式会社Pfu Information processing apparatus, password diagnosis method, and program
US9785901B2 (en) * 2010-10-04 2017-10-10 International Business Machines Corporation Business process development and run time tool
US20120101870A1 (en) * 2010-10-22 2012-04-26 International Business Machines Corporation Estimating the Sensitivity of Enterprise Data
US8516597B1 (en) * 2010-12-02 2013-08-20 Symantec Corporation Method to calculate a risk score of a folder that has been scanned for confidential information
US9094291B1 (en) 2010-12-14 2015-07-28 Symantec Corporation Partial risk score calculation for a data object
US8621637B2 (en) * 2011-01-10 2013-12-31 Saudi Arabian Oil Company Systems, program product and methods for performing a risk assessment workflow process for plant networks and systems
US8938531B1 (en) 2011-02-14 2015-01-20 Digital Defense Incorporated Apparatus, system and method for multi-context event streaming network vulnerability scanner
US20120215575A1 (en) * 2011-02-22 2012-08-23 Bank Of America Corporation Risk Assessment And Prioritization Framework
WO2012119030A2 (en) * 2011-03-02 2012-09-07 Kilpatrick Townsend & Stockton Llp Methods and systems for determing risk associated with a requirements document
JP5800353B2 (en) * 2011-03-29 2015-10-28 日本電気株式会社 Risk management device
US8997234B2 (en) * 2011-07-27 2015-03-31 Mcafee, Inc. System and method for network-based asset operational dependence scoring
US9613323B2 (en) * 2012-01-05 2017-04-04 International Business Machines Corporation Organizational agility determination across multiple computing domains
US20130179230A1 (en) * 2012-01-05 2013-07-11 International Business Machines Corporation Organizational agility improvement and prioritization across multiple computing domains
US8844045B2 (en) 2012-09-14 2014-09-23 Mastercard International Incorporated Methods and systems for evaluating software for known vulnerabilities
TWI482047B (en) * 2012-11-06 2015-04-21 Inst Information Industry Information security audit method, system and computer readable storage medium for storing thereof
ITMI20122255A1 (en) * 2012-12-28 2014-06-29 Eni Spa METHOD AND SYSTEM FOR RISK ASSESSMENT FOR THE SAFETY OF AN INDUSTRIAL INSTALLATION
US20140325670A1 (en) * 2013-04-25 2014-10-30 Rivendale Software Solution Private Limited System and method for providing risk score based on sensitive information inside user device
US9122853B2 (en) 2013-06-24 2015-09-01 A10 Networks, Inc. Location determination for user authentication
GB2518880A (en) 2013-10-04 2015-04-08 Glasswall Ip Ltd Anti-Malware mobile content data management apparatus and method
US9246935B2 (en) * 2013-10-14 2016-01-26 Intuit Inc. Method and system for dynamic and comprehensive vulnerability management
US11165770B1 (en) 2013-12-06 2021-11-02 A10 Networks, Inc. Biometric verification of a human internet user
US9501345B1 (en) 2013-12-23 2016-11-22 Intuit Inc. Method and system for creating enriched log data
US20150205965A1 (en) * 2014-01-22 2015-07-23 Lexisnexis, A Division Of Reed Elsevier Inc. Systems and methods for determining overall risk modification amounts
US9325726B2 (en) 2014-02-03 2016-04-26 Intuit Inc. Method and system for virtual asset assisted extrusion and intrusion detection in a cloud computing environment
US20150304343A1 (en) 2014-04-18 2015-10-22 Intuit Inc. Method and system for providing self-monitoring, self-reporting, and self-repairing virtual assets in a cloud computing environment
US10757133B2 (en) 2014-02-21 2020-08-25 Intuit Inc. Method and system for creating and deploying virtual assets
US9866581B2 (en) 2014-06-30 2018-01-09 Intuit Inc. Method and system for secure delivery of information to computing environments
US9276945B2 (en) 2014-04-07 2016-03-01 Intuit Inc. Method and system for providing security aware applications
US9245117B2 (en) 2014-03-31 2016-01-26 Intuit Inc. Method and system for comparing different versions of a cloud based application in a production environment using segregated backend systems
US11294700B2 (en) 2014-04-18 2022-04-05 Intuit Inc. Method and system for enabling self-monitoring virtual assets to correlate external events with characteristic patterns associated with the virtual assets
US20150312276A1 (en) * 2014-04-29 2015-10-29 1E Limited White lists
US9900322B2 (en) 2014-04-30 2018-02-20 Intuit Inc. Method and system for providing permissions management
US20150341238A1 (en) * 2014-05-21 2015-11-26 Virtual Instruments Corporation Identifying slow draining devices in a storage area network
US9330263B2 (en) 2014-05-27 2016-05-03 Intuit Inc. Method and apparatus for automating the building of threat models for the public cloud
US10102082B2 (en) 2014-07-31 2018-10-16 Intuit Inc. Method and system for providing automated self-healing virtual assets
US9473481B2 (en) 2014-07-31 2016-10-18 Intuit Inc. Method and system for providing a virtual asset perimeter
US9349111B1 (en) * 2014-11-21 2016-05-24 Amdocs Software Systems Limited System, method, and computer program for calculating risk associated with a software testing project
US9330264B1 (en) 2014-11-26 2016-05-03 Glasswall (Ip) Limited Statistical analytic method for the determination of the risk posed by file based content
US9467455B2 (en) 2014-12-29 2016-10-11 Palantir Technologies Inc. Systems for network risk assessment including processing of user access rights associated with a network of devices
US9648036B2 (en) 2014-12-29 2017-05-09 Palantir Technologies Inc. Systems for network risk assessment including processing of user access rights associated with a network of devices
US9100430B1 (en) 2014-12-29 2015-08-04 Palantir Technologies Inc. Systems for network risk assessment including processing of user access rights associated with a network of devices
US10834065B1 (en) 2015-03-31 2020-11-10 F5 Networks, Inc. Methods for SSL protected NTLM re-authentication and devices thereof
US9600666B1 (en) 2015-12-03 2017-03-21 International Business Machines Corporation Dynamic optimizing scanner for identity and access management (IAM) compliance verification
US10404698B1 (en) 2016-01-15 2019-09-03 F5 Networks, Inc. Methods for adaptive organization of web application access points in webtops and devices thereof
GB2553836B (en) 2016-09-16 2021-05-19 1E Ltd File execution
US10581896B2 (en) * 2016-12-30 2020-03-03 Chronicle Llc Remedial actions based on user risk assessments
US9953372B1 (en) * 2017-05-22 2018-04-24 Insurance Zebra Inc. Dimensionality reduction of multi-attribute consumer profiles
US9930062B1 (en) 2017-06-26 2018-03-27 Factory Mutual Insurance Company Systems and methods for cyber security risk assessment
US20190172129A1 (en) * 2017-12-06 2019-06-06 Mastercard International Incorporated Systems and methods for using aggregated merchant analytics to analyze merchant loan risk
US20200067961A1 (en) * 2018-08-21 2020-02-27 Didi Research America, Llc Data security risks evaluation for threat detection
US11321467B2 (en) 2018-08-21 2022-05-03 Beijing Didi Infinity Technology And Development Co., Ltd. System and method for security analysis
CN109617910B (en) * 2019-01-08 2023-03-24 平安科技(深圳)有限公司 Vulnerability risk assessment method and device, storage medium and server
US11411979B2 (en) 2019-09-06 2022-08-09 International Business Machines Corporation Compliance process risk assessment
US11194628B2 (en) 2019-12-03 2021-12-07 International Business Machines Corporation Workload allocation utilizing real-time enterprise resiliency scoring
US11256814B2 (en) 2020-03-16 2022-02-22 Kyndryl, Inc. Application selection based on cumulative vulnerability risk assessment
CN112165498B (en) * 2020-11-12 2022-10-25 北京华云安信息技术有限公司 Intelligent decision-making method and device for penetration test
CN112801453A (en) * 2020-12-30 2021-05-14 哈尔滨工大天创电子有限公司 Risk assessment method, device, terminal and storage medium
CN113672914A (en) * 2021-08-23 2021-11-19 郑州云智信安安全技术有限公司 Risk assessment method and device for APP personal data security

Family Cites Families (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5311593A (en) 1992-05-13 1994-05-10 Chipcom Corporation Security system for a network concentrator
EP0667722A1 (en) * 1994-02-09 1995-08-16 Koninklijke KPN N.V. Method of detecting service interactions in intelligent networks
US6006016A (en) 1994-11-10 1999-12-21 Bay Networks, Inc. Network fault correlation
US5679938A (en) * 1994-12-02 1997-10-21 Telecheck International, Inc. Methods and systems for interactive check authorizations
US5734697A (en) 1995-04-28 1998-03-31 Mci Corporation Method and apparatus for improving telecommunications system performance
US5655074A (en) * 1995-07-06 1997-08-05 Bell Communications Research, Inc. Method and system for conducting statistical quality analysis of a complex system
US5892903A (en) 1996-09-12 1999-04-06 Internet Security Systems, Inc. Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system
US5930762A (en) * 1996-09-24 1999-07-27 Rco Software Limited Computer aided risk management in multiple-parameter physical systems
US5798950A (en) * 1996-10-31 1998-08-25 International Business Machines Corporation Method and apparatus for estimating durations of activities in forming a current system, based on past durations of activities in forming past systems
US5991743A (en) * 1997-06-30 1999-11-23 General Electric Company System and method for proactively monitoring risk exposure
US6064972A (en) * 1997-09-17 2000-05-16 At&T Corp Risk management technique for network access
US6298445B1 (en) 1998-04-30 2001-10-02 Netect, Ltd. Computer security
US6125453A (en) * 1998-06-30 2000-09-26 Sandia Corporation Cut set-based risk and reliability analysis for arbitrarily interconnected networks
US6282546B1 (en) * 1998-06-30 2001-08-28 Cisco Technology, Inc. System and method for real-time insertion of data into a multi-dimensional database for network intrusion detection and vulnerability assessment
US6223143B1 (en) * 1998-08-31 2001-04-24 The United States Government As Represented By The Administrator Of The National Aeronautics And Space Administration Quantitative risk assessment system (QRAS)
US6219805B1 (en) * 1998-09-15 2001-04-17 Nortel Networks Limited Method and system for dynamic risk assessment of software systems
EP0999489A2 (en) * 1998-11-06 2000-05-10 Citibank, N.A. Method and system for evaluating information security
US6301668B1 (en) 1998-12-29 2001-10-09 Cisco Technology, Inc. Method and system for adaptive network security using network vulnerability assessment
US6205552B1 (en) * 1998-12-31 2001-03-20 Mci Worldcom, Inc. Method and apparatus for checking security vulnerability of networked devices
US6397202B1 (en) * 1999-07-01 2002-05-28 The United States Of America As Represented By The Secretary Of The Navy System and method for monitoring risk in a system development program
US6535227B1 (en) * 2000-02-08 2003-03-18 Harris Corporation System and method for assessing the security posture of a network and having a graphical user interface
AU2002244083A1 (en) 2001-01-31 2002-08-12 Timothy David Dodd Method and system for calculating risk in association with a security audit of a computer network
US20030033261A1 (en) * 2001-03-16 2003-02-13 Knegendorf William A. Method for performing risk-based pricing of a service or good

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
GEROSA S. ET AL.: "Methods and applications of riks management in space programs", PROCEEDINGS OF THE 30TH ANNUAL PROJECT MANAGEMENT INSTITUTE 1999, October 1999 (1999-10-01), pages 1 - 7, XP002961213 *

Also Published As

Publication number Publication date
AU2002256018A1 (en) 2002-10-15
US7613625B2 (en) 2009-11-03
WO2002079907A8 (en) 2003-02-20
US6895383B2 (en) 2005-05-17
US20030046128A1 (en) 2003-03-06
US20050114186A1 (en) 2005-05-26
WO2002079907A2 (en) 2002-10-10

Similar Documents

Publication Publication Date Title
WO2002079907A8 (en) Overall risk in a system
WO2002062049A3 (en) Method and system for calculating risk in association with a security audit of a computer network
CN110991552B (en) Isolated forest model construction and prediction method and device based on federal learning
WO2005036308A3 (en) Regulation compliance and threat identification for business optimization
US20070112667A1 (en) System and method for providing a fraud risk score
WO2005045602A3 (en) Systems and methods for recommending business decisions influenced by weather elements
WO2004051406A3 (en) Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing robust risk assessment model
WO2003102764A3 (en) Behavior-based adaptation of computer systems
CN106548349A (en) Transaction Information verification method and system
CN111460312A (en) Method and device for identifying empty-shell enterprise and computer equipment
WO2007002611A3 (en) Healthcare claims loss control systems and methods
CN110728290A (en) Method and device for detecting security of data model
US20140019215A1 (en) System for assessing procedure compliance level of human operators in nuclear power plants and method thereof
CN112039704B (en) Information system risk assessment method based on risk propagation
CN111160802A (en) Method and device for evaluating preset scheme
CN113824745A (en) Network safety emergency disposal system based on recurrent neural network model
CN104320271A (en) Network device security evaluation method and device
CN114723542A (en) Detection method, device, equipment and storage medium for tax abnormal binding behavior
WO2007056337A3 (en) System and method for automated management and training in custom home design and build projects
CN111312414A (en) Fatigue evaluation method of nuclear power plant fatigue monitoring and life evaluation system
WO2004084028A3 (en) Link analysis mapping program risk management
CN108805453A (en) A kind of Network Abnormal safety evaluation method in power distribution network CPS based on AHP
WO2003009180A3 (en) Method and system for reorganizing a tablespace in a database
CN113762976A (en) Method and device for identifying fraud short messages, electronic equipment and computer storage medium
CN115860455A (en) Transformer substation asset monitoring risk assessment method

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
AK Designated states

Kind code of ref document: C1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: C1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

CFP Corrected version of a pamphlet front page
CR1 Correction of entry in section i

Free format text: PAT. BUL. 41/2002 UNDER (30) REPLACE "NOT FURNISHED" BY "10/113202"

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP