| 摘要 |
<p><P>PROBLEM TO BE SOLVED: To provide a risk evaluation method for easily associating information property with threat/fragility at the time of grasping threat/fragility and a security management measure selection support method for reducing a time required for the embodiment of security management measures, and for accurately evaluating risk reduction effects by the security management measures. <P>SOLUTION: This risk evaluating method is provided to store information property management information inputted by an operator through an input device 121 or a reading device 123 in an external storage device 127. Then, attribute information relevant to preliminarily stored information property is outputted through an output device 122, and selection by an operator is accepted through an input device 121. Then, information associated with the attribute information selected by the operator is selected from a plurality of preliminarily stored threat/fragility information, and a risk value corresponding to the information property is calculated based on the selected threat/fragility information and the information property management information. <P>COPYRIGHT: (C)2005,JPO&NCIPI</p> |
