Title :
Extension of a Methodology for Risk-Aware Business Process Modeling and Simulation Enabling Process-Oriented Incident Handling Support
Author :
Tjoa, S. ; Jakoubi, S. ; Goluch, G. ; Quirchmayr, G.
Author_Institution :
Secure Bus. Austria, Vienna
Abstract :
Increasingly, companies face the challenges to perform their business processes effectively as well as efficiently and to simultaneously assure the continuity of these processes. As the majority of companies rely on IT, it is essential to establish effective incident handling. In this paper, we introduce new extensions of the risk-aware business process management framework ROPE (risk-oriented process evaluation) in order to support the improvement of the management and execution of business processes. We further discuss the advantages of those extensions and how they can support the implementation of standards and best-practices such as the NIST SP800-61 (Computer Security Incident Handling Guide).
Keywords :
business data processing; security of data; standards; process-oriented incident handling support; risk-aware business process management; risk-aware business process modeling; risk-oriented process evaluation; standards; Business continuity; Companies; Computer security; Costs; Counting circuits; Document handling; Guidelines; Information security; NIST; Risk management;
Conference_Titel :
Advanced Information Networking and Applications, 2008. AINA 2008. 22nd International Conference on
Conference_Location :
Okinawa
Print_ISBN :
978-0-7695-3095-6
DOI :
10.1109/AINA.2008.81
