A Business Process-Based Risk Evaluation Framework

Abstract:

Article Preview

To present the essence of information system risk evaluation and improve the effect of evaluation, the paper puts forward a business process-based information system risk evaluation after analyzing the current risk evaluation methods. The framework begins with the description of business process in perspective of information security and then analyzes and assesses the business activities. The risk-control evaluation of business activities is brought forward and the optional security control measures are comprehensively evaluated so as to ensure security of business activities. The framework focuses on business process activities so that information system assets, their vulnerabilities and threats are associated and evaluation of isolated and meaningless assets is avoided.

Info:

Periodical:

Advanced Materials Research (Volumes 230-232)

Edited by:

Ran Chen and Wenli Yao

Pages:

1024-1028

DOI:

10.4028/www.scientific.net/AMR.230-232.1024

Citation:

Z. W. Yu "A Business Process-Based Risk Evaluation Framework", Advanced Materials Research, Vols. 230-232, pp. 1024-1028, 2011

Online since:

May 2011

Authors:

Export:

Price:

$35.00

In order to see related information, you need to Login.

In order to see related information, you need to Login.