In this paper, a system for capturing and maintaining design rationale is described. The significant contribution of this work is to address the problem of ensuring that the model is followed by the user and to extend the model to include risk analysis. This is accomplished using a software tool (PPIS) that allows the structure of the argumentation process to be made explicit and visible in the...

Shadow Information Technology (IT) occurs when users develop systems outside of the central information technology department. It provides both benefits and risks. Users procuring shadow IT often do not consider integration with existing enterprise architecture, privacy and security protection, maintenance cost, and legal ramifications. Problems with shadow IT must often be resolved by central ...

The study and application of risk analysis provides a set of tools with a strong methodological foundation. This chapter describes how risk analysis can be integrated into the intelligence cycle for producing terrorism threat assessments and warnings. Intelligence professionals can use the risk analyst’s toolbox to sharpen conclusions that are made in intelligence products by providing support ...

2 Abstract This paper provides a framework for examining developing-country financial crisis. It is based upon Hyman Minsky's financial fragility thesis and applied to the case of Thailand 1984-1999. There is empirical evidence for the evolution of the Thai economy through the Minskian regimes (hedged through speculative to Ponzi) in the period prior to the onset of the 1997 Asian crisis. Evide...

We propose a framework to evaluate the risk incurred when managing users and permissions through RBAC. The risk analysis framework does not require roles to be defined, thus making it applicable before the role engineering phase. In particular, the proposed approach highlights users and permissions that markedly deviate from others, and that might consequently be prone to error when roles are o...

This paper presents a methodology for anticipating failures in a component up to the end of its life cycle. Often, feedback data is not sufficient and must be complemented by the analysis of expert judgment. The methodology developed aims at anticipating the degradation mechanisms responsible for aging, and evaluating their relevance and related uncertainties. This is necessary information for ...

utility computing, reachability, security modelling, object oriented logical models, security properties, risk analysis In this paper we consider how logic-based object modelling techniques may be used to help Utility Providers and their customers obtain insight concerning the security characteristics of utility infrastructure and networked systems. We briefly describe two modelling tool protot...

The objective of this article is to discuss the potential of economic analysis as a tool for identification and evaluation of corruption in legislative acts. We propose that corruption be perceived as a risk variable within the legislative process. Therefore we find it appropriate to employ risk analysis methods, used in various fields of economics, for the evaluation of corruption in legislati...

This paper reviews and discusses some key concept and principles of risk analysis and risk management, based on a set of statements, formulated as myths about risk. Examples of such myths are: risk is equal to the expected value, risk equals uncertainty, risk can be expressed by probabilities, risk is equal to an event, risk acceptance criteria contribute to obtaining a high safety standard, an...