Research Proposal: Decision Support System (DSS) Assuring

Pages: 10 (3582 words)  ·  Style: APA  ·  Bibliography Sources: 6  ·  Level: Doctorate  ·  Topic: Business  ·  Buy This Paper


[. . .] However, an overall efficacy in leading invention, innovation and commercialization is what the new concept of strategic leadership requires in this case. Distinctively speaking, the very measures which are supposed to gauge a CEO's leadership and creating creativity abilities need change. The interaction between innovation quality, quantity, and uniqueness and creative leadership has become extremely complex. The best leaders are thought to be those who can explore and exploit concurrently, while also lead imaginatively and operationally because today's innovation process involves three interrelated concepts, i.e. idea generation (invention), idea development, and idea commercialization (Bartels and Reinders, 2010). Therefore, the leadership plays an integral role in the successful implementation and integration of this particular Decision Support Systems.

3. Decision Support System (DSS) Proposal

The majority of IT security management strategies contain check-lists which decision makers utilize to build up a protection method; these usually have been nothing more than a triage strategy to categorizing risks. A very common method for risk creation continues to be the making of the risk cube, in which every single axis or perhaps dimension signifies one among the 3 pieces of risk (threats, resources, as well as weaknesses), and also the volume related to the cube signifies the quantity of risk (Brewer, 2006). Any kind of countermeasure which could lessen the length related to the face alongside a dimension ought to be considered, as being a smaller sized cube right after mitigation endeavours happen to be carried out, signifies a reduced risk. Although this visualization continues to be useful to managers to understand risks, it doesn't recommend any organized mechanism for lowering the risk elements or creating economic tradeoffs.

3.1 Discuss how a decision support system can help in each process

Several designs have been produced which make an effort to cope with risk analysis within a qualitative method. Mark Egan (the then CTO in Symantec) within his publication The Executive Guide To Information Security, introduced an easy to use tabular design that enables end users to rate risk severities directly into 1 of 3 groups/posts (low, medium, as well as high) and after that to average along posts (Egan, 2005). This straightforward triage method of subjective threat influence evaluation, even though useful, has been unable to seize system uncertainness. Bistarelli et al. (2007) utilized defence trees as well as conditional preference networking systems (CP-nets) like formalism to pick groups of countermeasures and also to factor with qualitative as well as conditional preference data. Alberts and Dorofee (2002) created a program called OCTAVE that also makes use of qualitative data to evaluate risk. GAO/AMID (1999) prioritized threat according to a risk examination matrix that is representative of risk ranges based on the intensity and also the possibility of prevalence of dangerous events; both of these elements have been subsequently scaled within a qualitative method. Nevertheless, none of those qualitative techniques permits the kind of threat tradeoffs required for systematic evaluation resulting in an ideal portfolio.

3.2 In which portion related to the decision making process is a DSS most helpful for decision makers? Why?

Security planning entails applying the very best countermeasures to lessen the specific risks that confront the company. Nevertheless, equally the degree of risks and also the usefulness of countermeasures in opposition to those risks have been hard to measure as well as quantify. The actual contribution of the paper may be the introduction of a decision support system which clearly understands that insufficient accuracy by assessing system risk for any situation when risks levels, countermeasure expenses, as well as asset damages have been doubtful. Managers might use this system to organize smartly which countermeasures to use to satisfy a particular spending plan, whilst characterizing the spectrum of threats towards the firm. This technique ought to be accepted by professionals who've contended that they have no idea which countermeasures to spend money on and just how beneficial such costs are going to be (Baker et al., 2007). The system permits the specification regarding model inputs in "buckets" to satisfy the demand of managers to convey data at the degree of significance they could believe.

3.3 What type of DSS do you recommend your proposed decision making processes? Explain.

We recommend a blend of the following DSS systems. Firstly, it is noteworthy that individuals have attempted strategies that evaluate IT security threat analysis. Beauregard (2001) utilized the specific Value Focused Thinking (VFT) strategy from standard threat analysis to evaluate the amount of information reassurance inside the Department of Defence divisions. Whilst subjective ratings in VFT have been normalized towards the spectrum (0, 1) and have been similar conceptually to fuzzy account valuations in fuzzy-set assessment, they have been basically point estimations related to the value (reduction) of a specified result. Consequently, they are afflicted by the lack of ability to convey any kind of distributional qualities, as has been feasible by using fuzzy units. Within a related line of thinking, Buckshaw et al. (2005) handled the appearance of critical DOD methods within an analysis strategy they referred to as MORDA, "Mission Oriented Risk and Design Analysis." MORDA holds VFT as well as embeds it inside a planning program referred to as, "Security Optimization Countermeasure Risk and Threat Evaluation System," (SOCRATES). Nevertheless, once more, threat determinations have been restricted to point estimations. Kujawski and Miller (2007) explain a quantitative threat-founded evaluation application for picking military counterterrorism programs which "enables confidence degrees instead of just point estimations," however it demands conditional probability syndication information on risk levels as well as implications. As one example of their strategy, they presume Weibull distributions for each and every procedure; however recognize that insufficient probabilistic data has been difficult.

3.4 Provide the design specifications for the system:

We think about a scenario where IT-associated resources have been under breach by possibly external or perhaps internal provocations. A company might encounter numerous threats at any time eventually (Baker et al., 2007). If effective, these threats assault assets related to numerous business procedures, and when the assets have not been safeguarded, their harm and damage can lead to financial losses to the company. To protect its resources, the company makes use of countermeasures made to obstruct or offset the intensity related to the attack, and perhaps use a higher level of protection as soon as the assets have been assaulted (file recovery, system re-load, etc.). Given that countermeasures have been expensive to put into action, the company has been compelled to tradeoff countermeasure expenses vs. The anticipated decrease in financial losses.

We determine risk as being the product of risk incidences (anticipated events/year) as well as their resulting damages in dollars/event. Therefore, yearly threat has been

R = ?iEiLi (C) where

R= risk in us dollars each year i= index which represents the various risks confronting the company

Ei= the actual expected volume of security situations of kind I each year

Li (C) = anticipated dollar losses brought on by security event I considering the current range of countermeasures C.

We make reference to the word Li (C) as being the single-event loss expectations. There have been 3 main kinds of single-event loss expectations. The very first has been brand harm which signifies harm to a company's persona (for instance, when associates within a supply chain with, say for instance, Equifax or perhaps Visa have data files with exclusive customer details compromised from their store). The 2nd has been regulation penalties. This sort of loss may happen, for instance, in the event that a medical centre does not adhere to the federal 1996 Health Insurance Portability and Accountability Act (HIPAA) conditions and terms, and also the discretion of patients' data has been breached. The 3rd has been production damages because of interruption of IT assets that help output (Rees et al., 2011).

4.1 Summary of the problem

Information security breaches are taking places at many levels and in many forms. For instance, it is a known fact that computer software is liable to be infringed and misused which can result in numerous hazardous and damaging situations. Also, One of the most common and significant vulnerabilities of computer systems information security is the creation of faults or deletion of steps in databases or software programs. Another downside that computer systems information security, especially financial systems, might have is the threat of fraud and/or theft. One more problem is that a dysfunctional nature of the peripheral infrastructure can result in the indefinite period of shutdown of the whole system.

4.2 Summary of the DSS proposed

We recommend a blend of the following DSS systems:

Value Focused Thinking (VFT) strategy from standard threat analysis to evaluate the amount of information reassurance

MORDA, "Mission Oriented Risk and Design Analysis." MORDA holds VFT as well as embeds it inside a planning program referred to as, "Security Optimization Countermeasure Risk and Threat Evaluation System," (SOCRATES).

4.3 Summary of the benefits from the proposed DSS

The decision support system introduced in… [END OF PREVIEW]

Four Different Ordering Options:

Which Option Should I Choose?

1.  Buy the full, 10-page paper:  $28.88


2.  Buy + remove from all search engines
(Google, Yahoo, Bing) for 30 days:  $38.88


3.  Access all 175,000+ papers:  $41.97/mo

(Already a member?  Click to download the paper!)


4.  Let us write a NEW paper for you!

Ask Us to Write a New Paper
Most popular!

Decision Support Systems Term Paper

Decision Support Systems Research Proposal

Business Decision Support System Thesis

Decision Support System Term Paper

Information Technology and Decision Support Computer Essay

View 1,000+ other related papers  >>

Cite This Research Proposal:

APA Format

Decision Support System (DSS) Assuring.  (2012, December 4).  Retrieved July 22, 2019, from

MLA Format

"Decision Support System (DSS) Assuring."  4 December 2012.  Web.  22 July 2019. <>.

Chicago Format

"Decision Support System (DSS) Assuring."  December 4, 2012.  Accessed July 22, 2019.