Abstract
Conference Title: 2019 International Conference on Computer and Information Sciences (ICCIS) Conference Start Date: 2019, April 3 Conference End Date: 2019, April 4 Conference Location: Sakaka, Saudi Arabia Despite the benefits and convenience that are brought by technology, risks are also engulfed in the use of technology. To foresee the probable risks, and come up with the appropriate countermeasures, a comprehensive examination of the mechanism of risk assessment we currently have is necessary. Therefore, in this paper, we present a comprehensive study of the current approaches for information security risk assessment. In addition, we discuss the three categories of the risk assessment approaches which are: qualitative, quantitative and hybrid. We also illustrate the advantages and limitations of each risk assessment category.