Business Process-Based Resource Importance Determination

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 5701 LNCS, Issue , 2009, Pages 113-127

  Fenz, Stefan ^a   Ekelhart, Andreas ^b   Neubauer, Thomas ^b  

^a VIENNA UNIVERSITY OF TECHNOLOGY   (Austria)

^b Secure Business Austria   (Austria)

Author keywords

[No Author keywords available]

Indexed keywords

BUSINESS PROCESS; IMPACT VALUE; INFORMATION SECURITY; ORGANIZATIONAL CONTEXT; STILL MISSING;

RISK ANALYSIS; RISK MANAGEMENT;

ENTERPRISE RESOURCE MANAGEMENT;

EID: 70349325827     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-03848-8_9     Document Type: Conference Paper

References (22)

1. Gerber, M., von Solms, R.: Management of risk in the information age. Computers & Security 24, 16-30 (2004)
2. Commission of the European Communities: Communication from the Commission to the Council, The European Parliament, The European Economic and Social Committee and the Committee of the Regions 'A strategy for a Secure Information Society - Dialogue, partnership and empowerment". COM (2006) 251 final (2006)
3. Cavusoglu, H., Mishra, B., Raghunathan, S.: The effect of internet security breach announcements on market value: Capital market reactions for breached firms and internet security developers. International Journal of Electronic Commerce 9(1), 69-104 (2004)
4. Stoneburner, G., Goguen, A., Feringa, A.: Risk management guide for information technology systems. NIST Special Publication 800-30, National Institute of Standards and Technology (NIST), Gaithersburg, MD 20899-8930 (2002)
5. Voorhoeve, M., Van der Aalst, W.: Ad-hoc workflow: problems and solutions. In: Proceedings of the Eigth International Workshop on Database and Expert Systems Applications, pp. 36-40. IEEE Computer Society, Los Alamitos (1997)
6. van der Aalst, W.: Generic workflow models: How to handle dynamic change and capture management information? In: Conference on Cooperative Information Systems, pp. 115-126 (1999)
7. Mills, S.: The future of business - aligning business and it to create an enduring impact on industry. Technical report, IBM (2007)
8. Sackmann, S.: A reference model for process-oriented it risk management. In: 16th European Conference on Information Systems, ECIS 2008 (2008)
9. Al-Mashari, M.: Business process management - major challenges. Business Process Management Journal 8, 411-412 (2002)
10. Farquhar, B.: One approach to risk assessment. Computers and Security 10(10), 21-23 (1991)
11. Fredriksen, R., Kristiansen, M., Gran, B.A., Stølen, K., Opperud, T.A., Dimitrakos, T.: The CORAS framework for a model-based risk management process. In: Anderson, S., Bologna, S., Felici, M. (eds.) SAFECOMP 2002. LNCS, vol. 2434, pp. 94-105. Springer, Heidelberg (2002)
12. Alberts, C., Dorofee, A., Stevens, J., Woody, C.: Introduction to the OCTAVE approach. Technical report, Carnegie Mellon - Software Engineering Institute, Pittsburgh, PA 15213-3890 (2003)
13. DCSSI: Expression des Besoins et Identification des Objectifs de Sécurité (EBIOS) - Section 2 - Approach. General Secretariat of National Defence Central Information Systems Security Division, DCSSI (2004)
14. ISO/IEC: ISO/IEC 27005:2007, Information technology - Security techniques - Information security risk management (2007)
15. Sackmann, S.: Assessing the effects of it changes on it risk - a business process-oriented view. In: Multikonferenz Wirtschaftsinformatik (MKWI 2008), pp. 1137-1148. GITO-Verlag, Berlin (2008)
16. Asnar, Y., Giorgini, P.: Analyzing business continuity through a multi-layers model. In: Dumas, M., Reichert, M., Shan, M.-C. (eds.) BPM 2008. LNCS, vol. 5240, pp. 212-227. Springer, Heidelberg (2008)
17. Reijers, H.A., Limam, S., van der Aalst, W.M.P.: Product-based workflow design. J. Manage. Inf. Syst. 20(1), 229-262 (2003)
18. Eom, J.-H., Park, S.-H., Han, Y.-J., Chung, T.-M.: Risk assessment method based on business process-oriented asset evaluation for information system security. In: Shi, Y., van Albada, G.D., Dongarra, J., Sloot, P.M.A. (eds.) ICCS 2007. LNCS, vol. 4489, pp. 1024-1031. Springer, Heidelberg (2007)
19. van der Aalst, W., van Hee, K.: Business process redesign: a petri-net-based approach. Computers in Industry 29, 15-26 (1996)
20. van der Aalst, W.: The application of Petri nets to workflow management. The Journal of Circuits, Systems and Computers 8(1), 21-66 (1998)
21. van der Aalst, W.: Process-oriented architectures for electronic commerce and interorganizational workflow. Information Systems 24(8), 639-671 (1999)
22. zur Muehlen, M., Rosemann, M.: Integrating risks in business process models. In: ACIS 2005 Proceedings (2005)