Sophia Faris

Learn More
—Universities in the public and private sectors depend on information technology and information systems to successfully carry out their missions and business functions. Information systems are subject to serious threats that can have adverse effects on organizational operations and assets, and individuals by exploiting both known and unknown(More)
Information has always been in the heart of every organization. During its exchange this information can be altered or modified. It is also considered as a key element for the development of many businesses. In this context, we have the obligation to protect it and secure it. In fact, it can't be protected without the use of frameworks and effective tools(More)
Risk management methodologies, such as Mehari, Ebios, CRAMM and SP 800-30 (NIST) use a common step based on threat, vulnerability and probability witch are typically evaluated intuitively using verbal hazard scales such as low, medium, high. Because of their subjectivity, these categories are extremely difficult to assign to threats, vulnerabilities and(More)
  • 1