An identification method of risks in project plan document by automatic acquisition of risk expression

Imanara, Yuuki; Nakajima, Daisuke; Samejima, Masaki; Akiyoshi, Masanori; Morihisa, Hiroshi

doi:10.1109/icsmc.2012.6377901

“…4 In addition, words used in audit documents implicate risks, and there is a research on identifying risks from corporate documents through text mining. 7 , 8 In information security audit, one can use risks identified by auditors and audit reports that evidence these risks. 7 , 8 In information security audit, one can use risks identified by auditors and audit reports that evidence these risks.…”

Section: Introductionmentioning

confidence: 99%

Risk Words Suggestion for Information Security Audit by Bayesian Inference

Satoh

¹

,

Samejima

²

2018

IEEJ Trans.EIS

Self Cite

0

View full text Add to dashboard Cite

We present risk word suggestion for enabling an auditor to identify potential risks based on words of identified risks in an audit report. Once the auditor describes the identified risks in the report, words related to the potential risks are inferred with words in the description of the identified risks, and suggested to the auditor. For the word inference, we assume that words of potential risks and identified risks are related to each other, and by applying Bayesian inference we reveal the relation between the words. In our evaluation experiments with real five cases, Bayesian inference can suggest the words for identifying potential risks. Furthermore, two auditors can accurately identify potential risks by the suggested words. K E Y W O R D SBayesian inference, information security audit, text mining 42

show abstract

Risk words suggestion for information security audit by Bayesian inference

Satoh

¹

,

Samejima

²

2018

Elect Comm in Japan

Self Cite

3

0

View full text Add to dashboard Cite

We present risk word suggestion for enabling an auditor to identify potential risks based on words of identified risks in an audit report. Once the auditor describes the identified risks in the report, words related to the potential risks are inferred with words in the description of the identified risks, and suggested to the auditor. For the word inference, we assume that words of potential risks and identified risks are related to each other, and by applying Bayesian inference we reveal the relation between the words. In our evaluation experiments with real five cases, Bayesian inference can suggest the words for identifying potential risks. Furthermore, two auditors can accurately identify potential risks by the suggested words.

show abstract