TY  - JOUR
AB  - The pervasive use of information technology in enterprises of every size and the emergence of widely deployed ubiquitous networking technologies have brought with them a widening need for security. Information system security policy development must begin with a thorough analysis of sensitivity and criticality. Risk analysis methodologies, like CRAMM, provide the ability to analyse and manage the associated risks. By performing a risk analysis on a typical small enterprise and a home‐office set‐up the article identifies the risks associated with availability, confidentiality, and integrity requirements. Although both environments share weaknesses and security requirements with larger enterprises, the risk management approaches required are different in nature and scale. Their implementation requires co‐operation between end users, network service providers, and software vendors.
VL  - 7
IS  - 3
SN  - 0968-5227
DO  - 10.1108/09685229910371071
UR  - https://doi.org/10.1108/09685229910371071
AU  - Spinellis D.
AU  - Kokolakis S.
AU  - Gritzalis S.
PY  - 1999
Y1  - 1999/01/01
TI  - Security requirements, risks and recommendations for small enterprise and home‐office environments
T2  - Information Management & Computer Security
PB  - MCB UP Ltd
SP  - 121
EP  - 128
Y2  - 2024/04/24
ER  -