From the Resource to the Business Process Risk Level

被引:0
|
作者
Fenz, S. [1 ,2 ]
机构
[1] Vienna Univ Technol, Vienna, Austria
[2] SBA Res, Vienna, Austria
来源
PROCEEDINGS OF THE SOUTH AFRICAN INFORMATION SECURITY MULTI-CONFERENCE | 2010年
关键词
Security; Information security risk management; Business process analysis;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Although a variety of information security risk management (ISRM) approaches have been proposed, well-founded methods that provide an answer to the following question are still missing: How can the risk level of a business process be determined by taking the risk levels of the involved resources into account? This paper presents our research results regarding resource-based risk analysis methods in order to assign realistic figures concerning the business process risk level. With regard to business processes the research results allow the (semiautomatic) reasoning of the current security status of an organization. In this way we can support decision makers in selecting appropriate controls to reduce risks to an acceptable level; and also in making a reasonable trade-off between investments into security and the need for protection.
引用
收藏
页码:100 / 109
页数:10
相关论文
共 50 条
  • [21] From Secure Business Process Modeling to Design-Level Security Verification
    Ramadan, Qusai
    Salnitri, Mattia
    Strueber, Daniel
    Juerjens, Jan
    Giorgini, Paolo
    2017 ACM/IEEE 20TH INTERNATIONAL CONFERENCE ON MODEL DRIVEN ENGINEERING LANGUAGES AND SYSTEMS (MODELS 2017), 2017, : 123 - 133
  • [22] Transition from Process- to Product-Level Perspective for Business Software
    Ferreira, Nuno
    Santos, Nuno
    Soares, Pedro
    Machado, Ricardo J.
    Gasevic, Dragan
    ENTERPRISE INFORMATION SYSTEMS OF THE FUTURE, 2013, 139 : 268 - 275
  • [23] Analyzing business-failure-process risk: evidence from Finland
    Laitinen, Erkki K.
    JOURNAL OF FINANCIAL REPORTING AND ACCOUNTING, 2021, 19 (04) : 571 - 595
  • [24] Risk Sharing in Business Process Outsourcing
    Tu Jing
    Zhang Wenping
    PROCEEDINGS OF THE 7TH INTERNATIONAL CONFERENCE ON INNOVATION AND MANAGEMENT, VOLS I AND II, 2010, : 1617 - 1620
  • [25] Incorporating risk into business process models
    Cope, E. W.
    Kuester, J. M.
    Etzweiler, D.
    Deleris, L. A.
    Ray, B.
    IBM JOURNAL OF RESEARCH AND DEVELOPMENT, 2010, 54 (03)
  • [26] WORKING WITH LEVEL OF DETAIL OF BUSINESS PROCESS DIAGRAMS
    Svatos, Oleg
    STRATEGIC MODELING IN MANAGEMENT, ECONOMY AND SOCIETY (IDIMT-2018), 2018, 47 : 401 - 408
  • [27] Risk Analysis in the Model of the Business Process
    Gorbunov, Vladimir
    Htet, Nyan Win
    Balashov, Alexander
    PROCEEDINGS OF THE 2016 IEEE NORTH WEST RUSSIA SECTION YOUNG RESEARCHERS IN ELECTRICAL AND ELECTRONIC ENGINEERING CONFERENCE (ELCONRUSNW), 2016, : 811 - 813
  • [28] Business process and risk models enrichment: considerations for business intelligence
    Sienou, Amadou
    Karduck, Achim P.
    Lamine, Elyes
    Pingaud, Herve
    PROCEEDINGS OF THE ICEBE 2008: IEEE INTERNATIONAL CONFERENCE ON E-BUSINESS ENGINEERING, 2008, : 732 - +
  • [29] A Process Warehouse based Resource Suitability Evaluation Method for Business Process Improvement
    Sohail, Abid
    Dominic, P. D. D.
    Shahzad, Khurram
    2014 INTERNATIONAL CONFERENCE ON COMPUTER, COMMUNICATIONS, AND CONTROL TECHNOLOGY (I4CT), 2014, : 75 - 79
  • [30] Adaptive Service Configuration for Edge Resource Allocation in Business Process
    Sun, Mengyu
    Zhou, Zhangbing
    2020 IEEE WORLD CONGRESS ON SERVICES (SERVICES), 2020, : 37 - 40
12345