Applications for IT-Risk Management ? Requirements and Practical Evaluation

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Heinz Lothar Grob Articles by Gereon Strauch Articles by Christian Buddendick

2008 Third International Conference on Availability, Reliability and Security

March 04-March 07

ISBN: 978-0-7695-3102-1

	ASCII Text	x
	Heinz Lothar Grob, Gereon Strauch, Christian Buddendick, "Applications for IT-Risk Management ? Requirements and Practical Evaluation," Availability, Reliability and Security, International Conference on, pp. 758-764, 2008 Third International Conference on Availability, Reliability and Security, 2008.

	BibTex	x
	@article{ 10.1109/ARES.2008.168, author = {Heinz Lothar Grob and Gereon Strauch and Christian Buddendick}, title = {Applications for IT-Risk Management ? Requirements and Practical Evaluation}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3102-1}, pages = {758-764}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2008.168}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - Applications for IT-Risk Management ? Requirements and Practical Evaluation SN - 978-0-7695-3102-1 SP758 EP764 A1 - Heinz Lothar Grob, A1 - Gereon Strauch, A1 - Christian Buddendick, PY - 2008 KW - IT-Compliance KW - IT-risk management KW - information security management KW - software market analysis VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

Heinz Lothar Grob

Gereon Strauch

Christian Buddendick

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2008.168

Nowadays the importance of a dedicated information security management (ISM) is undisputedly. One essential task in realizing a company's ISM is to implement a compulsory operational risk management (ORM) aiming also at ensuring the compliance with certain standards. The risks addressed by ORM prevalently result from information systems. A promising approach is to focus on business processes to combine the technical system focused perspective of security management with the more centralized perspective of operational risk management. Within this paper first we will deliver an introduction an integrated IT risk management and its corresponding decisions. Afterwards we will derive requirements for application systems in order to supporting decisions in IT-Risk Management. For this purpose a catalogue of requirements will be developed. Based on this catalogue software systems for IT security management and operational risk management were examined with regard to their adequacy for decision support in IT-Risk Management.

Index Terms:

IT-Compliance, IT-risk management, information security management, software market analysis

Citation:

Heinz Lothar Grob, Gereon Strauch, Christian Buddendick, "Applications for IT-Risk Management ? Requirements and Practical Evaluation," ares, pp.758-764, 2008 Third International Conference on Availability, Reliability and Security, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.