Integrated, Business-Oriented, Two-Stage Risk Analysis

被引:0
|
作者
Bialas, Andrzej [1 ]
Lisek, Krzysztof [1 ]
机构
[1] Inst Innovat & Informat Soc, Ul Wita Stwosza 7, PL-40954 Katowice, Poland
来源
JOURNAL OF INFORMATION ASSURANCE AND SECURITY | 2007年 / 2卷 / 03期
关键词
Information security management; Risk analysis;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
This paper presents an integrated, business-oriented, two-stage risk analysis method related to the Information Security Management Systems (ISMS) concept. The current state of the work is presented, including risk analysis methods and their implementation. The concept assumes the integration of preliminary overviews as well as high- and low-level risk analyses. High-level risk analysis works with the needs of business processes and presents criticality of these processes. Low-level risk analysis works with assets and selects safeguards in a cost-effective manner. It is assumed that the presented risk analysis concept can be used in other management systems: business continuity and IT services management. The paper concludes the current state of the work and defines its further directions.
引用
收藏
页码:205 / 210
页数:6
相关论文
共 50 条
  • [1] A business-oriented approach to maintenance
    Foelkel, C
    TAPPI JOURNAL, 1998, 81 (09): : 67 - 69
  • [2] Business-oriented Constraint Language
    Knapman, J
    UML 2000 - THE UNIFIED MODELING LANGUAGE, PROCEEDINGS: ADVANCING THE STANDARD, 2000, 1939 : 47 - 61
  • [3] BUSINESS-ORIENTED COMPUTERS - A FRAME OF REFERENCE
    BOUTELL, WS
    ACCOUNTING REVIEW, 1964, 39 (02): : 305 - 311
  • [4] Business-oriented management of Web services
    Casati, F
    Shan, E
    Dayal, U
    Shan, MC
    COMMUNICATIONS OF THE ACM, 2003, 46 (10) : 55 - 60
  • [5] A Business-Oriented Approach to Requirements Elicitation
    Przybylek, Adam
    PROCEEDINGS OF THE 9TH INTERNATIONAL CONFERENCE ON EVALUATION OF NOVEL APPROACHES TO SOFTWARE ENGINEERING (ENASE 2014), 2014, : 152 - 163
  • [6] Business-Oriented Evaluation of the PaaSage Platform
    Achilleos, Achilleas P.
    Kapitsaki, Georgia M.
    Constantinou, Eleni
    Horn, Geir
    Papadopoulos, George A.
    2015 IEEE/ACM 8TH INTERNATIONAL CONFERENCE ON UTILITY AND CLOUD COMPUTING (UCC), 2015, : 322 - 326
  • [7] Towards a business-oriented specification for services
    Terlouw, Linda
    ADVANCES IN ENTERPRISE ENGINEERING I, PROCEEDINGS, 2008, 10 : 122 - 136
  • [8] A business-oriented perspective for QoS management
    Penna, MC
    Kaestner, C
    Wandresen, RR
    2004 IEEE Workshop on IP Operations and Management Proceedings (IPOM 2004): SELF-MEASUREMENT & SELF-MANAGEMENT OF IP NETWORKS & SERVICES, 2004, : 219 - 223
  • [9] BTRON - THE BUSINESS-ORIENTED OPERATING SYSTEM
    SAKAMURA, K
    IEEE MICRO, 1987, 7 (02) : 53 - 65
  • [10] Business-Oriented Customer Experience Management
    Torjemen, Nabil
    Tabbane, Nabil
    Zhioua, Ghayet el Mouna
    PROCEEDINGS OF 2016 5TH INTERNATIONAL CONFERENCE ON MULTIMEDIA COMPUTING AND SYSTEMS (ICMCS), 2016, : 714 - 719
12345