Research on Security Risk Assessment Based on the Improved FAHP

In order to reduce the subjectivity of information security risk assessment process and improve assessment efficiency, we propose a new method of information security risk assessment based on improved FAHP (Fuzzy Analytic Hierarchy Process) to analyse the information security-related standards for domestic and international risk assessment. We establish a Hierarchical Security Assessment Model and introduce refinement indicators and Intuitionistic Fuzzy Sets to reduce subjective judgment factors in the assessment of traditional risk. We then applied an e-commerce company in case analyse the security risk and the results are satisfactory and in line with the actual situation of the company. The indicator system of this method is more objective and comprehensive and the evaluation process is more efficient, which provide new ideas for risk assessment of existing information security companies.