|Publication type:||Conference paper|
|Type of review:||Peer review (publication)|
|Title:||IT risk audit tool to enhance IT risk assessments|
|Authors:||Mock, Ralf Günter|
|Proceedings:||Safety and reliability of complex engineered systems : ESREL 2015|
|Conference details:||25th European Safety and Reliability Conference (ESREL 2015), Zurich, 7-10 September 2015|
|Publisher / Ed. Institution:||Taylor & Francis|
|Publisher / Ed. Institution:||London|
|Subjects:||Risk audit; Information technology; Risk|
|Subject (DDC):||004: Computer science|
|Abstract:||The risk assessment methodology offers many approaches to analyse systems of any kind. However, the established approaches do not fit very well to the needs, resources and business framework of IT operating enterprises, e.g., when offering internet-based services in the payment transaction industry. The paper introduces a supporting IT Risk Assessment methodology to evaluate and prioritise risks of complex business processes implemented as software systems. The resultant IT Risk Assessment Audit Tool is intended to support the semi-automated audit of a business process implemented in Java or any object-oriented language (source code). It analyses the source code and calculates likelihood and risk indicators based on UML classes. For this, the tool collects different complexity metrics for each class, calculates weighted indicators, accepts impact and mitigation inputs and displays the result in a prioritised list. The paper outlines fundamental concepts and calculations for IT risk evaluation by using UML Class Diagrams and software complexity metrics. Pros and cons of the approach and tool are discussed.|
|Fulltext version:||Published version|
|License (according to publishing contract):||Licence according to publishing contract|
|Department:||School of Engineering|
|Organisational Unit:||Institute of Applied Information Technology (InIT)|
|Appears in collections:||Publications School of Engineering|
Mock, R. G., Truninger, B., Brunner, P., & Pociuipa, G. (2015). IT risk audit tool to enhance IT risk assessments [Conference paper]. Safety and Reliability of Complex Engineered Systems : ESREL 2015, 4029–4036.