Using an Enterprise Architecture for IT Risk Management
نویسندگان
چکیده
In this paper we propose a novel approach for the systematic assessment and analysis of IT related risks in organisations and projects. The approach is model-driven using an enterprise architecture as the basis for the security management process. Using an enterprise architecture it is possible to provide an integrated description of an organisation’s structure, processes and its underlying IT landscape. That way we want to bridge the technical and business oriented views on information security. The proposed approach provides a detailed process of security management and defines the necessary responsibilities and roles of the participating stake-holders.
منابع مشابه
Providing an Enterprise Architecture Framework Model for Laboratory Information Management Systems by Service Oriented Approach
Background and Aim: Laboratories are one of the most important scientific and research centers. Laboratory information management systems provide a platform for recording the information and collaborating between researchers. The main purpose of this study was suggesting an organizational architecture model of laboratory information management systems. Materials and Methods: This study was a ...
متن کاملEnterprise Risk Management and Performance of Financial Institutions in Iraq: The Mediating Effect of Information Technology Quality
Enterprise risk management represents a process of assessing exposure to risks in an institution. It is a systematic mechanism and a comprehensive tool for predicting events, including unexpected events, and their impacts. This paper is a conceptual study. It aims at designing a model for testing the mediation effect of information technology (IT) quality on the relationship between the enterpr...
متن کاملAutomatic Workflow Generation and Modification by Enterprise Ontologies and Documents
This article presents a novel method and development paradigm that proposes a general template for an enterprise information structure and allows for the automatic generation and modification of enterprise workflows. This dynamically integrated workflow development approach utilises a conceptual ontology of domain processes and tasks, enterprise charts, and enterprise entities. It also suggests...
متن کاملAutomatic Workflow Generation and Modification by Enterprise Ontologies and Documents
This article presents a novel method and development paradigm that proposes a general template for an enterprise information structure and allows for the automatic generation and modification of enterprise workflows. This dynamically integrated workflow development approach utilises a conceptual ontology of domain processes and tasks, enterprise charts, and enterprise entities. It also suggests...
متن کاملReputation Risk Management in the Framework of Enterprise Risk Management: Evidences from an Active Financial Institution in the Capital Market of Iran
Reputation risk as one of the most important risks in any competitive industry and market should be considered before all the risks of the enterprise which also affects other risks. This research aims to review and manage reputation risk in the framework of enterprise risk management. Considering the importance of the subject and lack of available studies in this field, the innovation of presen...
متن کاملEnterprise-Wide Risk Management (EWRM) as a Value Added Tool in Enhancing the Economic Value of Business Enterprises
In recent years, Risk Management in respect of Enterprise-Wide Risk Management (EWRM) has become more important and highly critical to major corporations worldwide including Malaysia. In fact, it is interesting to note that when the Government of Malaysia passed the Code of Corporate Governance in the year 2000, most of the Public Limited Companies (PLCs) in Malaysia was struggling to implement...
متن کامل