From the Resource to the Business Process Risk Level
نویسنده
چکیده
Although a variety of information security risk management (ISRM) approaches have been proposed, well-founded methods that provide an answer to the following question are still missing: How can the risk level of a business process be determined by taking the risk levels of the involved resources into account? This paper presents our research results regarding resource-based risk analysis methods in order to assign realistic figures concerning the business process risk level. With regard to business processes the research results allow the (semiautomatic) reasoning of the current security status of an organization. In this way we can support decision makers in selecting appropriate controls to reduce risks to an acceptable level; and also in making a reasonable trade-off between investments into security and the need for protection.
منابع مشابه
An Optimization Model for Financial Resource Allocation Towards Seismic Risk Reduction
This paper presents a study on determining the degree of effectiveness of earthquake risk mitigation measures and how to prioritize such efforts in developing countries. In this paper a model is proposed for optimizing funds allocation towards risk reduction measures (building retrofitting) and reconstruction process after potential earthquakes in a regional level. The proposed model seeks opti...
متن کاملارزیابی ریسک بهداشتی مواجهه شغلی با عوامل زیان آور شیمیایی : مطالعه موردی در یک صنعت پتروشیمی
Background and aims In the most chemical process industries, workers are exposed to various chemicals and working with these chemicals without considering safety and health considerations can lead to different harmful symptoms. For deciding about control measures and reducing risk to acceptable level , it is necessary to assess the health risk of exposing to harmful chemicals by aid of specif...
متن کاملA Compound Decision Support System for Corporate Planning
Providing a plan for any corporate or firm at macro level, as an organization or enterprise resource planning has particular importance nowadays. To meet the enterprise resource planning needs applications software packages provide a set of uniform pre-prepared and pre-designed that covers all business process throughout an organization. To achieve maximum efficiency in the implementation of th...
متن کاملGeneral Statistical Business Process Model
Statistical business process is variously designed and implemented in different organizations. This makes it difficult to exchange the knowledge, benefit from the good practices and the cooperation between national and international organizations. In order to solve this problem and help statistical organizations discuss developing statistical metadata systems, General Statistical Business Proce...
متن کاملارائه الگوریتم پویا برای تنظیم همروندی فرایندهای کسبوکار
Business process management systems (BPMS) are vital complex information systems to compete in the global market and to increase economic productivity. Workload balancing of resources in BPMS is one of the challenges have been long studied by researchers. Workload balancing of resources increases the system stability, improves the efficiency of the resources and enhances the quality of their pr...
متن کاملThe role of Real option in e-business Risk management: The case of E-treasury project
Implementing information technology projects requires a calculated process to prevent failure. At the same time application of information technology in organizations faces various potential risks. Exploring information technology environment in organizations reveals the potential risks and provides a structure for comprehensive risk management. There are various methods available for risk mana...
متن کامل