论文信息 - Improvement of Security Costs Evaluation Process by Using Data Automatically Captured from BPMN and EPC Models

Improvement of Security Costs Evaluation Process by Using Data Automatically Captured from BPMN and EPC Models

Amount of security breaches and organizations’ losses, related to them, is increasing every year. One of the key reasons is a high dependency of organization’s key business processes on information and information technology. To decrease the risk of possible breaches, organizations have to ensure “due diligence” and “due care” principles. This means, organizations need to apply requirements or controls defined by existing security standards. One of the main issues in such approach is identification of critical areas and evaluation of cost for security requirements implementation.

Arnas Kaceniauskas | Antanas Cenys | Nikolaj Goranin | Dmitrij Olifer | Justinas Janulevicius

[1] Thomas Nowey,et al. A Closer Look at Information Security Costs , 2012, WEIS.

[2] Sergio de Cesare,et al. A Comparative Analysis Of Business Process Modelling Techniques , 2009 .

[3] Ashish Ukidve,et al. Analysis of Payment Card Industry Data Security Standard [PCI DSS] Compliance by Confluence of COBIT 5 Framework , 2017 .

[4] Antanas Cenys,et al. Security Ontology for Adaptive Mapping of Security Standards , 2013, Int. J. Comput. Commun. Control.

[5] Antanas Cenys,et al. Controls-based approach for evaluation of information security standards implementation costs , 2017 .