153 Copyright © 2013, IGI Global. Copying or distributing in print or electronic forms without written permission of IGI Global is prohibited. Chapter 8 DOI: 10.4018/978-1-4666-2964-6.ch008 Panayiotis Kotzanikolaou University of Piraeus, Greece Marianthi Theoharidou Athens University of Economics & Business, Greece Dimitris Gritzalis Athens University of Economics & Business, Greece Risk Assessment of Multi- Order Dependencies between Critical Information and Communication Infrastructures ABSTRACT Assessing risk in information and communication infrastructures is a challenging topic due to the com- plexity of critical infrastructures (CIs) and of the various dependencies between such infrastructures. This chapter discusses the basic concepts of risk assessment for CIs. Moreover, it describes a recently proposed methodology for criticality assessment. The main goal of this methodology is to assess the risk of an infrastructure (or a sector of critical infrastructures), taking into account the dependencies between CIs and/or sectors. The methodology is compatible with current information systems practices. The basic characteristic of the presented methodology is that it attempts to capture both organization- oriented and society-oriented consequences of possible security events, a feature which is not always embedded in mainstream information security risk assessment methodologies.