Full metadata record
DC FieldValueLanguage
dc.contributor.authorMock, Ralf Günter-
dc.contributor.authorTruninger, Benjamin-
dc.contributor.authorBrunner, Patrick-
dc.contributor.authorPociuipa, Giedrius-
dc.date.accessioned2018-11-29T07:50:43Z-
dc.date.available2018-11-29T07:50:43Z-
dc.date.issued2015-
dc.identifier.isbn978-1-138-02879-1de_CH
dc.identifier.isbn978-1-315-64841-5de_CH
dc.identifier.urihttps://digitalcollection.zhaw.ch/handle/11475/13317-
dc.description.abstractThe risk assessment methodology offers many approaches to analyse systems of any kind. However, the established approaches do not fit very well to needs, resources and business frame work of IT operating enterprises, e.g., when offering internet based services in payment transaction industry. The paper introduces a supporting IT Risk Assessment methodology to evaluate and prioritise risks of complex business processes implemented as software systems. The resultant IT Risk Assessment Audit Tool is intended to support the semi-automated audit of a business process implemented in Java or any object oriented language (source code). It analyses the source code and calculates likelihood and risk indicators based on UML classes. For this, the tool collects different complexity metrics for each class, calculates weighted indicators, accepts impact and mitigation inputs and displays the result in a prioritised list. The paper outlines fundamental concepts and calculations for IT risk evaluation by using UML Class Diagrams and software complexity metrics. Pros and cons of approach and tool are discussed.de_CH
dc.language.isoende_CH
dc.publisherTaylor & Francisde_CH
dc.rightsLicence according to publishing contractde_CH
dc.subjectRisikoauditde_CH
dc.subjectInformationstechnikde_CH
dc.subjectRisikode_CH
dc.subject.ddc004: Informatikde_CH
dc.titleIT risk audit tool to enhance IT risk assessmentsde_CH
dc.typeKonferenz: Paperde_CH
dcterms.typeTextde_CH
zhaw.departementSchool of Engineeringde_CH
zhaw.organisationalunitInstitut für Angewandte Informationstechnologie (InIT)de_CH
zhaw.publisher.placeLondonde_CH
zhaw.conference.details25th European Safety and Reliability Conference (ESREL 2015), Zurich, 7-10 September 2015de_CH
zhaw.funding.euNode_CH
zhaw.originated.zhawYesde_CH
zhaw.pages.end4036de_CH
zhaw.pages.start4029de_CH
zhaw.publication.statuspublishedVersionde_CH
zhaw.publication.reviewPeer review (Publikation)de_CH
zhaw.title.proceedingsSafety and reliability of complex engineered systems : ESREL 2015de_CH
Appears in collections:Publikationen School of Engineering

Files in This Item:
There are no files associated with this item.


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.