Modelling risk and identifying countermeasure in organizations

Authors:
Yudistira Asnar;Paolo Giorgini
Affiliations:
Department of Information and Communication Technology, University of Trento, Italy;Department of Information and Communication Technology, University of Trento, Italy
Venue:
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Year:
2006

Citing 6
Cited 11

Goal-directed requirements acquisition

6IWSSD Selected Papers of the Sixth International Workshop on Software Specification and Design
Managing Conflicts in Goal-Driven Requirements Engineering

IEEE Transactions on Software Engineering
Handling Obstacles in Goal-Oriented Requirements Engineering

IEEE Transactions on Software Engineering - special section on current trends in exception handling—part II
Goal-Based Requirements Analysis

ICRE '96 Proceedings of the 2nd International Conference on Requirements Engineering (ICRE '96)
Modelling strategic relationships for process reengineering

Modelling strategic relationships for process reengineering
Tropos: An Agent-Oriented Software Development Methodology

Autonomous Agents and Multi-Agent Systems

Adapting Secure Tropos for Security Risk Management in the Early Phases of Information Systems Development

CAiSE '08 Proceedings of the 20th international conference on Advanced Information Systems Engineering
Analyzing Business Continuity through a Multi-layers Model

BPM '08 Proceedings of the 6th International Conference on Business Process Management
An evaluation of business solutions in manufacturing enterprises

International Journal of Business Intelligence and Data Mining
Software development risk management model: a goal driven approach

Proceedings of the doctoral symposium for ESEC/FSE on Doctoral symposium
Astrolabe: a collaborative multiperspective goal-oriented risk analysis methodology

IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans - Special section: Best papers from the 2007 biometrics: Theory, applications, and systems (BTAS 07) conference
Designing Law-Compliant Software Requirements

ER '09 Proceedings of the 28th International Conference on Conceptual Modeling
Reasoning about risk in agent's deliberation process: a Jadex implementation

AOSE'07 Proceedings of the 8th international conference on Agent-oriented software engineering VIII
Requirements trade-offs analysis in the absence of quantitative measures: a heuristic method

Proceedings of the 2011 ACM Symposium on Applied Computing
Analyzing goal models: different approaches and how to choose among them

Proceedings of the 2011 ACM Symposium on Applied Computing
Comparing alternatives for analyzing requirements trade-offs - In the absence of numerical data

Information and Software Technology
Towards the automatic and optimal selection of risk treatments for business processes using a constraint programming approach

Information and Software Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Modelling and analysing risk is one of the most critical activity in system engineering. However, in literature approaches like Fault Tree Analysis, Event Tree Analysis, Failure Modes and Criticality Analysis focus on the system-to-be without considering the impact of the associated risks to the organization where the system will operate. The Tropos framework has been proved effective in modelling strategic interests of the stakeholders at organizational level. In this paper, we introduce the extended Tropos goal model to analyse risk at organization level and we illustrate a number of different techniques to help the analyst in identifying and enumerating relevant countermeasures for risk mitigation.