Integrated, Business-Oriented, Two-Stage Risk Analysis

被引:0
|
作者
Bialas, Andrzej [1 ]
Lisek, Krzysztof [1 ]
机构
[1] Inst Innovat & Informat Soc, Ul Wita Stwosza 7, PL-40954 Katowice, Poland
来源
JOURNAL OF INFORMATION ASSURANCE AND SECURITY | 2007年 / 2卷 / 03期
关键词
Information security management; Risk analysis;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
This paper presents an integrated, business-oriented, two-stage risk analysis method related to the Information Security Management Systems (ISMS) concept. The current state of the work is presented, including risk analysis methods and their implementation. The concept assumes the integration of preliminary overviews as well as high- and low-level risk analyses. High-level risk analysis works with the needs of business processes and presents criticality of these processes. Low-level risk analysis works with assets and selects safeguards in a cost-effective manner. It is assumed that the presented risk analysis concept can be used in other management systems: business continuity and IT services management. The paper concludes the current state of the work and defines its further directions.
引用
收藏
页码:205 / 210
页数:6
相关论文
共 50 条
  • [21] A methodological framework for business-oriented modeling of it infrastructure
    Landau, A
    Wasserkrug, S
    Gilat, D
    Razinkov, N
    Sela, A
    Aiber, S
    PROCEEDINGS OF THE 2004 WINTER SIMULATION CONFERENCE, VOLS 1 AND 2, 2004, : 474 - 482
  • [22] Developing an application model based on business-oriented
    Li, Lian Wei
    Liu, Zhan
    Wei, He Long
    Yang, Chen
    Sun, Ji Hong
    Sheng, Jie
    INFORMATION TECHNOLOGY AND COMPUTER APPLICATION ENGINEERING, 2014, : 177 - 180
  • [23] A business-oriented approach to data warehouse development
    Cravero Leal, A.
    Mazon, J. N.
    Trujillo, J.
    INGENIERIA E INVESTIGACION, 2013, 33 (01): : 59 - 65
  • [24] Knowledge Map Application of business-oriented problem solving
    Wu, Yinan
    Zhan, Hongfei
    Yu, Junhe
    2016 12TH INTERNATIONAL CONFERENCE ON NATURAL COMPUTATION, FUZZY SYSTEMS AND KNOWLEDGE DISCOVERY (ICNC-FSKD), 2016, : 433 - 437
  • [25] A Business-oriented Fault Localization Approach Using Digraph
    Liu, Lianzhong
    Li, Chunfang
    Zhang, Yanping
    2009 IEEE INTERNATIONAL SYMPOSIUM ON PARALLEL AND DISTRIBUTED PROCESSING WITH APPLICATIONS, PROCEEDINGS, 2009, : 499 - 504
  • [26] Flexible Business-oriented Service Interfaces in Information Systems
    Zemlicka, Michal
    Kral, Jaroslav
    PROCEEDINGS OF THE 9TH INTERNATIONAL CONFERENCE ON EVALUATION OF NOVEL APPROACHES TO SOFTWARE ENGINEERING (ENASE 2014), 2014, : 164 - 171
  • [27] IMPROVEMENT OF SPREADSHEET SKILLS IN BUSINESS-ORIENTED UNIVERSITY COURSES
    Rakovic, Lazar
    Sakal, Marton
    Tumbas, Pere
    Matkovic, Predrag
    Pavlicevic, Veselin
    INTED2015: 9TH INTERNATIONAL TECHNOLOGY, EDUCATION AND DEVELOPMENT CONFERENCE, 2015, : 6874 - 6882
  • [28] Focused management. A business-oriented approach to TQM
    Ronen, Boaz
    Pass, Shimeon
    Industrial Management (Norcross, Georgia), 1994, 36 (03):
  • [29] A Business-Oriented Management Framework for Mobile Communication Systems
    Galeana-Zapien, Hiram
    Rubio-Loyola, Javier
    Salazar-Linares, Pablo
    Agueero, Ramon
    Serrat, Joan
    Davy, Steven
    MOBILE NETWORKS & APPLICATIONS, 2012, 17 (04): : 479 - 491
  • [30] A GENERAL BUSINESS-ORIENTED LANGUAGE BASED ON DECISION EXPRESSIONS
    LOMBARDI, LA
    COMMUNICATIONS OF THE ACM, 1964, 7 (02) : 104 - 112
12345