Sciweavers

BPM
2009
Springer

Business Process-Based Resource Importance Determination

14 years 7 months ago
Business Process-Based Resource Importance Determination
Abstract. Information security risk management (ISRM) heavily depends on realistic impact values representing the resources’ importance in the overall organizational context. Although a variety of ISRM approaches have been proposed, well-founded methods that provide an answer to the following question are still missing: How can business processes be used to determine resources’ importance in the overall organizational context? We answer this question by measuring the actual importance level of resources based on business processes. Therefore, this paper presents our novel business process-based resource importance determination method which provides ISRM with an efficient and powerful tool for deriving realistic resource importance figures solely from existing business processes. The conducted evaluation has shown that the calculation results of the developed method comply to the results gained in traditional workshop-based assessments. Classification: Static process analysis.
Stefan Fenz, Andreas Ekelhart, Thomas Neubauer
Added 25 May 2010
Updated 25 May 2010
Type Conference
Year 2009
Where BPM
Authors Stefan Fenz, Andreas Ekelhart, Thomas Neubauer
Comments (0)