| Publikationstyp: | Konferenz: Paper |
| Art der Begutachtung: | Peer review (Publikation) |
| Titel: | IT risk audit tool to enhance IT risk assessments |
| Autor/-in: | Mock, Ralf Günter Truninger, Benjamin Brunner, Patrick Pociuipa, Giedrius |
| Tagungsband: | Safety and reliability of complex engineered systems : ESREL 2015 |
| Seite(n): | 4029 |
| Seiten bis: | 4036 |
| Angaben zur Konferenz: | 25th European Safety and Reliability Conference (ESREL 2015), Zurich, 7-10 September 2015 |
| Erscheinungsdatum: | 2015 |
| Verlag / Hrsg. Institution: | Taylor & Francis |
| Verlag / Hrsg. Institution: | London |
| ISBN: | 978-1-138-02879-1 978-1-315-64841-5 |
| Sprache: | Englisch |
| Schlagwörter: | Risikoaudit; Informationstechnik; Risiko |
| Fachgebiet (DDC): | 004: Informatik |
| Zusammenfassung: | The risk assessment methodology offers many approaches to analyse systems of any kind. However, the established approaches do not fit very well to needs, resources and business frame work of IT operating enterprises, e.g., when offering internet based services in payment transaction industry. The paper introduces a supporting IT Risk Assessment methodology to evaluate and prioritise risks of complex business processes implemented as software systems. The resultant IT Risk Assessment Audit Tool is intended to support the semi-automated audit of a business process implemented in Java or any object oriented language (source code). It analyses the source code and calculates likelihood and risk indicators based on UML classes. For this, the tool collects different complexity metrics for each class, calculates weighted indicators, accepts impact and mitigation inputs and displays the result in a prioritised list. The paper outlines fundamental concepts and calculations for IT risk evaluation by using UML Class Diagrams and software complexity metrics. Pros and cons of approach and tool are discussed. |
| URI: | https://digitalcollection.zhaw.ch/handle/11475/13317 |
| Volltext Version: | Publizierte Version |
| Lizenz (gemäss Verlagsvertrag): | Lizenz gemäss Verlagsvertrag |
| Departement: | School of Engineering |
| Organisationseinheit: | Institut für Informatik (InIT) |
| Enthalten in den Sammlungen: | Publikationen School of Engineering |
Dateien zu dieser Ressource:
Es gibt keine Dateien zu dieser Ressource.
Zur Langanzeige
Mock, R. G., Truninger, B., Brunner, P., & Pociuipa, G. (2015). IT risk audit tool to enhance IT risk assessments [Conference paper]. Safety and Reliability of Complex Engineered Systems : ESREL 2015, 4029–4036.
Mock, R.G. et al. (2015) ‘IT risk audit tool to enhance IT risk assessments’, in Safety and reliability of complex engineered systems : ESREL 2015. London: Taylor & Francis, pp. 4029–4036.
R. G. Mock, B. Truninger, P. Brunner, and G. Pociuipa, “IT risk audit tool to enhance IT risk assessments,” in Safety and reliability of complex engineered systems : ESREL 2015, 2015, pp. 4029–4036.
MOCK, Ralf Günter, Benjamin TRUNINGER, Patrick BRUNNER und Giedrius POCIUIPA, 2015. IT risk audit tool to enhance IT risk assessments. In: Safety and reliability of complex engineered systems : ESREL 2015. Conference paper. London: Taylor & Francis. 2015. S. 4029–4036. ISBN 978-1-138-02879-1
Mock, Ralf Günter, Benjamin Truninger, Patrick Brunner, and Giedrius Pociuipa. 2015. “IT Risk Audit Tool to Enhance IT Risk Assessments.” Conference paper. In Safety and Reliability of Complex Engineered Systems : ESREL 2015, 4029–36. London: Taylor & Francis.
Mock, Ralf Günter, et al. “IT Risk Audit Tool to Enhance IT Risk Assessments.” Safety and Reliability of Complex Engineered Systems : ESREL 2015, Taylor & Francis, 2015, pp. 4029–36.
Alle Ressourcen in diesem Repository sind urheberrechtlich geschützt, soweit nicht anderweitig angezeigt.