Risk Assessment Of K Company's Terminal Security Project Based On AHP

In recent years,with the development of various technologies of enterprise information system infrastructure,various internal and external security threats have continued to increase,especially the loss of information security.By analyzing the development history of K company in recent years,we noticed that K company is still in the stage of focusing on business and neglecting security.The company's information security foundation is relatively weak and it needs to purchase related security products to respond to various security threats in advance.The thesis mainly focuses on the problem of various risks in the project in the process of moving into the security solution,which causes the supplier to invest too much project resources when dealing with these risks.The paper takes the project of K company introducing ESET's terminal security solutions as an analysis case,in order to optimize resource input and ensure the smooth completion of the project.The research work of this paper is reflected in the following three aspects:1.Analyze the root causes of the problem of "investing too much resources" in the risk response process of terminal security projects by suppliers:(1)There are huge differences in terminal software configuration and security strategies in different areas of terminal security projects.Risk assessment methods lack the accuracy to cover such a complex environment.(2)Compatibility and failures during the project implementation process will affect user business continuity,requiring large-scale testing and functional verification.(3)National safety standards and related clauses have been updated rapidly in recent years.Suppliers need to ensure that products meet compliance requirements,especially imported products are greatly affected by policies.(4)Project risks are complex and difficult to quantify,leading to the investment of project resources into non-key parts.2.Analyze the above problems and their occurrence,find the shortcomings of the existing risk assessment methods,and make the following improvement guidelines based on the analytic hierarchy process(AHP): combine qualitative and quantitative analysis,and improve the original risk assessment methods.First,an expert group is formed by project personnel from both the supply and demand sides,and the project risk factors are updated through interviews and the Delphi method.According to the analytic hierarchy process,the risk factors are constructed according to the type of risk,and the risk factors are compared in pairs,and the numerical grades are evaluated according to their importance and the weights are calculated.Finally,the relative importance of all risk factors to the highest level is calculated to obtain the overall ranking of the risk factors.3.The risk factors are sorted according to the total ranking of levels,and different project resources are invested in sequence according to the total ranking of risks,and different levels of risk response strategies are adopted for each level of risk.And implement new risk response measures in the project,and evaluate in practice whether this method is ideal for preventing various risks under the condition of rational use of project resources.Through the research and realization of the above risk assessment content,and the redefinition and sorting of the risk items of the K company terminal security project,the paper optimizes the risk response strategy of the original project,allocates project resources reasonably,and achieves a more ideal risk prevention The effect ensures the smooth completion of the project.