Information security risk assessment is one of the key means of safeguarding the security of information systems, and it is the premise and foundation for building an information system security architecture. Building on an analysis of the elements and process of information security risk assessment, and drawing on practical experience, this paper discusses, for quantitative risk assessment, the quantification rules for the assessment elements, the quantification methods, and the risk calculation method. The method is scientific, reasonable and practical in the quantitative risk assessment process.
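The abstract does not reproduce the paper's quantification rules or its risk formula, so the following is an added illustration of the general shape of a quantitative risk calculation, not the authors' method. It assumes a common textbook approach: each assessment element (asset value, threat likelihood, vulnerability severity) is rated on an ordinal 1 to 5 scale, risk is the product of the three ratings banded into levels, and annual loss expectancy is single loss expectancy times an annual rate of occurrence derived from the threat rating. The scales, band thresholds, rate table and sample assets are all constructed for the example.

```python
"""Quantitative risk calculation over constructed sample data.

Assumed model (not from the paper): ordinal 1..5 ratings for each
element, risk = asset_value * threat_likelihood * vulnerability, and
ALE = SLE * ARO with ARO looked up from the threat likelihood rating.
"""
from dataclasses import dataclass
from typing import List, Tuple

# Assumed ordinal scale shared by all elements: 1 (lowest) .. 5 (highest).
SCALE_MIN, SCALE_MAX = 1, 5

# Assumed mapping from threat likelihood rating to expected events per year.
ARO_BY_RATING = {1: 0.05, 2: 0.2, 3: 1.0, 4: 4.0, 5: 12.0}

# Assumed banding of the 1..125 product into five qualitative levels.
LEVEL_BANDS = [(5, "very low"), (15, "low"), (40, "medium"),
               (80, "high"), (125, "very high")]


@dataclass
class RiskItem:
    asset: str
    asset_value: int                # 1..5, importance of the asset
    threat_likelihood: int          # 1..5, how often the threat is expected
    vulnerability: int              # 1..5, severity/exploitability of the weakness
    single_loss_expectancy: float   # monetary loss per successful event (constructed)


def check_rating(value: int) -> int:
    """Reject ratings outside the assumed ordinal scale."""
    if not isinstance(value, int) or not SCALE_MIN <= value <= SCALE_MAX:
        raise ValueError(f"rating {value!r} outside {SCALE_MIN}..{SCALE_MAX}")
    return value


def risk_score(item: RiskItem) -> int:
    """Product of the three element ratings, range 1..125."""
    return (check_rating(item.asset_value)
            * check_rating(item.threat_likelihood)
            * check_rating(item.vulnerability))


def risk_level(score: int) -> str:
    """Map a numeric score onto the assumed qualitative bands."""
    for upper, label in LEVEL_BANDS:
        if score <= upper:
            return label
    raise ValueError(f"score {score} exceeds maximum {LEVEL_BANDS[-1][0]}")


def annual_loss_expectancy(item: RiskItem) -> float:
    """ALE = SLE * ARO, with ARO taken from the threat likelihood rating."""
    aro = ARO_BY_RATING[check_rating(item.threat_likelihood)]
    return item.single_loss_expectancy * aro


def rank_risks(items: List[RiskItem]) -> List[Tuple[str, int, str, float]]:
    """Return (asset, score, level, ALE) tuples, highest score first."""
    rows = []
    for item in items:
        score = risk_score(item)
        rows.append((item.asset, score, risk_level(score),
                     annual_loss_expectancy(item)))
    return sorted(rows, key=lambda r: r[1], reverse=True)


# Constructed sample register; values are illustrative only.
SAMPLE_REGISTER = [
    RiskItem("customer database", 5, 4, 3, 20_000.0),
    RiskItem("internal wiki", 2, 2, 2, 500.0),
    RiskItem("payment gateway", 4, 5, 5, 50_000.0),
]

if __name__ == "__main__":
    for asset, score, level, ale in rank_risks(SAMPLE_REGISTER):
        print(f"{asset:18s} score={score:3d} level={level:9s} ALE={ale:,.0f}")
```

The ranking step is where such a calculation earns its keep: the ordered list is what a treatment plan is drawn from, and the ALE column lets a control whose cost is known be compared against the loss it is expected to avert. The band thresholds and rate table are the parts an organisation would calibrate against its own loss history rather than copy from here.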