One approach to risk assessment
Computers and Security
Business process redesign: a Petri-net-based approach
Computers in Industry - Special double issue: WET ICE '95
The CORAS Framework for a Model-Based Risk Management Process
SAFECOMP '02 Proceedings of the 21st International Conference on Computer Safety, Reliability and Security
Ad-hoc workflow: problems and solutions
DEXA '97 Proceedings of the 8th International Workshop on Database and Expert Systems Applications
Generic Workflow Models: How to Handle Dynamic Change and Capture Management Information?
COOPIS '99 Proceedings of the Fourth IECIS International Conference on Cooperative Information Systems
International Journal of Electronic Commerce
Journal of Management Information Systems
ICCS '07 Proceedings of the 7th international conference on Computational Science, Part III: ICCS 2007
Analyzing Business Continuity through a Multi-layers Model
BPM '08 Proceedings of the 6th International Conference on Business Process Management
Mission Assurance Challenges within the Military Environment
International Journal of Interdisciplinary Telecommunications and Networking
Hi-index | 0.00 |
Information security risk management (ISRM) heavily depends on realistic impact values representing the resources' importance in the overall organizational context. Although a variety of ISRM approaches have been proposed, well-founded methods that provide an answer to the following question are still missing: How can business processes be used to determine resources' importance in the overall organizational context? We answer this question by measuring the actual importance level of resources based on business processes. Therefore, this paper presents our novel business process-based resource importance determination method which provides ISRM with an efficient and powerful tool for deriving realistic resource importance figures solely from existing business processes. The conducted evaluation has shown that the calculation results of the developed method comply to the results gained in traditional workshop-based assessments.