Taguchi’s experimental design model is extensively applied in the manufacturing and production industries to systematically simulate different system states by altering controllable and uncontrollable variables, in order to ensure system reliability and robustness. Managing the complexity of an IT infrastructure in a systematic way to assess its risks is a major challenge. This research paper proposes a novel IT infrastructure security risk assessment methodology inspired by Taguchi’s experimental design model. The proposed methodology is capable of rating and ranking the impact of controllable and uncontrollable infrastructure parameters in the form of threats against the system. The result of the assessment is fed into a mitigation process in which the system is hardened by eliminating the highest-ranking risks.