A second chance for risk assessment in IT system analysis?

Mock, Ralf Günter; Straumann, Hugo; Fischer, Andreas

Full metadata record

DC Field	Value	Language
dc.contributor.author	Mock, Ralf Günter	-
dc.contributor.author	Straumann, Hugo	-
dc.contributor.author	Fischer, Andreas	-
dc.date.accessioned	2018-11-27T18:07:59Z	-
dc.date.available	2018-11-27T18:07:59Z	-
dc.date.issued	2014	-
dc.identifier.isbn	978-1-138-00123-7	de_CH
dc.identifier.isbn	978-1-315-81559-6	de_CH
dc.identifier.uri	https://digitalcollection.zhaw.ch/handle/11475/13314	-
dc.description.abstract	Engineering risk assessment approaches look back on a longtime success story. This development has not been repeated in Information Technology (IT). The paper outlines the diverging development of (risk) analysis as driven by operators of sites and of IT infrastructures. The limitation of IT approaches is exemplified by the IT trend of Bring Your Own Device at enterprises. There, Chief Information Officers (CIO) are key persons when deciding about usage and acceptance of any evaluation procedures. IT compliance checks and risk assessment approaches are discussed. In order to overcome their emerging weaknesses in the field, a two stage procedure in IT risk assessment is suggested: It starts with IT compliance checks to ensure basic protection of IT system operation. Second, a FMEA-like approach is adapted to cover non-standard processes further structured by engineering safety principles as Defence-in-Depth. The pros and cons of the procedure are discussed.	de_CH
dc.language.iso	en	de_CH
dc.publisher	Taylor & Francis	de_CH
dc.rights	Licence according to publishing contract	de_CH
dc.subject	Risikoanalyse	de_CH
dc.subject	IT security	de_CH
dc.subject.ddc	004: Informatik	de_CH
dc.title	A second chance for risk assessment in IT system analysis?	de_CH
dc.type	Konferenz: Paper	de_CH
dcterms.type	Text	de_CH
zhaw.departement	School of Engineering	de_CH
zhaw.organisationalunit	Institut für Informatik (InIT)	de_CH
zhaw.publisher.place	London	de_CH
zhaw.conference.details	European Safety and Reliability Conference (ESREL 2013), Amsterdam, Netherlands, 30 September - 2 October 2013	de_CH
zhaw.funding.eu	No	de_CH
zhaw.originated.zhaw	Yes	de_CH
zhaw.pages.end	2244	de_CH
zhaw.pages.start	2237	de_CH
zhaw.publication.status	publishedVersion	de_CH
zhaw.publication.review	Peer review (Publikation)	de_CH
zhaw.title.proceedings	Safety, reliability and risk analysis : beyond the horizon	de_CH
Appears in collections:	Publikationen School of Engineering

Files in This Item:

There are no files associated with this item.

Show simple item record

Mock, R. G., Straumann, H., & Fischer, A. (2014). A second chance for risk assessment in IT system analysis? [Conference paper]. Safety, Reliability and Risk Analysis : Beyond the Horizon, 2237–2244.

Mock, R.G., Straumann, H. and Fischer, A. (2014) ‘A second chance for risk assessment in IT system analysis?’, in Safety, reliability and risk analysis : beyond the horizon. London: Taylor & Francis, pp. 2237–2244.

R. G. Mock, H. Straumann, and A. Fischer, “A second chance for risk assessment in IT system analysis?,” in Safety, reliability and risk analysis : beyond the horizon, 2014, pp. 2237–2244.

MOCK, Ralf Günter, Hugo STRAUMANN und Andreas FISCHER, 2014. A second chance for risk assessment in IT system analysis? In: Safety, reliability and risk analysis : beyond the horizon. Conference paper. London: Taylor & Francis. 2014. S. 2237–2244. ISBN 978-1-138-00123-7

Mock, Ralf Günter, Hugo Straumann, and Andreas Fischer. 2014. “A Second Chance for Risk Assessment in IT System Analysis?” Conference paper. In Safety, Reliability and Risk Analysis : Beyond the Horizon, 2237–44. London: Taylor & Francis.

Mock, Ralf Günter, et al. “A Second Chance for Risk Assessment in IT System Analysis?” Safety, Reliability and Risk Analysis : Beyond the Horizon, Taylor & Francis, 2014, pp. 2237–44.