Publikationstyp: | Konferenz: Paper |
Art der Begutachtung: | Peer review (Publikation) |
Titel: | A second chance for risk assessment in IT system analysis? |
Autor/-in: | Mock, Ralf Günter Straumann, Hugo Fischer, Andreas |
Tagungsband: | Safety, reliability and risk analysis : beyond the horizon |
Seite(n): | 2237 |
Seiten bis: | 2244 |
Angaben zur Konferenz: | European Safety and Reliability Conference (ESREL 2013), Amsterdam, Netherlands, 30 September - 2 October 2013 |
Erscheinungsdatum: | 2014 |
Verlag / Hrsg. Institution: | Taylor & Francis |
Verlag / Hrsg. Institution: | London |
ISBN: | 978-1-138-00123-7 978-1-315-81559-6 |
Sprache: | Englisch |
Schlagwörter: | Risikoanalyse; IT security |
Fachgebiet (DDC): | 004: Informatik |
Zusammenfassung: | Engineering risk assessment approaches look back on a longtime success story. This development has not been repeated in Information Technology (IT). The paper outlines the diverging development of (risk) analysis as driven by operators of sites and of IT infrastructures. The limitation of IT approaches is exemplified by the IT trend of Bring Your Own Device at enterprises. There, Chief Information Officers (CIO) are key persons when deciding about usage and acceptance of any evaluation procedures. IT compliance checks and risk assessment approaches are discussed. In order to overcome their emerging weaknesses in the field, a two stage procedure in IT risk assessment is suggested: It starts with IT compliance checks to ensure basic protection of IT system operation. Second, a FMEA-like approach is adapted to cover non-standard processes further structured by engineering safety principles as Defence-in-Depth. The pros and cons of the procedure are discussed. |
URI: | https://digitalcollection.zhaw.ch/handle/11475/13314 |
Volltext Version: | Publizierte Version |
Lizenz (gemäss Verlagsvertrag): | Lizenz gemäss Verlagsvertrag |
Departement: | School of Engineering |
Organisationseinheit: | Institut für Informatik (InIT) |
Enthalten in den Sammlungen: | Publikationen School of Engineering |
Dateien zu dieser Ressource:
Es gibt keine Dateien zu dieser Ressource.
Zur Langanzeige
Mock, R. G., Straumann, H., & Fischer, A. (2014). A second chance for risk assessment in IT system analysis? [Conference paper]. Safety, Reliability and Risk Analysis : Beyond the Horizon, 2237–2244.
Mock, R.G., Straumann, H. and Fischer, A. (2014) ‘A second chance for risk assessment in IT system analysis?’, in Safety, reliability and risk analysis : beyond the horizon. London: Taylor & Francis, pp. 2237–2244.
R. G. Mock, H. Straumann, and A. Fischer, “A second chance for risk assessment in IT system analysis?,” in Safety, reliability and risk analysis : beyond the horizon, 2014, pp. 2237–2244.
MOCK, Ralf Günter, Hugo STRAUMANN und Andreas FISCHER, 2014. A second chance for risk assessment in IT system analysis? In: Safety, reliability and risk analysis : beyond the horizon. Conference paper. London: Taylor & Francis. 2014. S. 2237–2244. ISBN 978-1-138-00123-7
Mock, Ralf Günter, Hugo Straumann, and Andreas Fischer. 2014. “A Second Chance for Risk Assessment in IT System Analysis?” Conference paper. In Safety, Reliability and Risk Analysis : Beyond the Horizon, 2237–44. London: Taylor & Francis.
Mock, Ralf Günter, et al. “A Second Chance for Risk Assessment in IT System Analysis?” Safety, Reliability and Risk Analysis : Beyond the Horizon, Taylor & Francis, 2014, pp. 2237–44.
Alle Ressourcen in diesem Repository sind urheberrechtlich geschützt, soweit nicht anderweitig angezeigt.