EEMCS

Home > Publications
Home University of Twente
Education
Research
Prospective Students
Jobs
Publications
Intranet (internal)
 
 Nederlands
 Contact
 Search
 Organisation

EEMCS EPrints Service


10782 A model supporting Business Continuity auditing & planning in Information Systems
Home Policy Brochure Browse Search User Area Contact Help

Zambon, Emmanuele and Bolzoni, D. and Etalle, S. and Salvato, M. (2007) A model supporting Business Continuity auditing & planning in Information Systems. In: Second International Conference on Internet Monitoring and Protection (ICIMP), 1-5 Jul 2007, San Jose, CA, USA. pp. 33-33. IEEE Computer Society. ISBN 0-7695-2911-9

This is the latest version of this eprint.

Full text available as:

PDF

487 Kb
Open Access



Official URL: http://doi.ieeecomputersociety.org/10.1109/ICIMP.2007.4

Exported to Metis

Abstract

One of the main tasks of IT business continuity planning (BCP) is to guarantee that incidents affecting the IT infrastructure do not affect the availability of IT-dependent business processes beyond a given acceptable extent. Carrying out BCP of information systems is particularly challenging, because it has to take into consideration the numerous interdependencies between the IT assets typically present in an organization. In this paper we present a model and a tool supporting BCP auditing by allowing IT personnel to estimate and validate the Recovery Time Objectives (to be) set on the various processes of the organization. Our tool can be integrated in COBIT-based risk assessment applications. Finally, we argue that our tool can be particularly useful for the dynamic auditing of the BCP.

Item Type:Conference or Workshop Paper (Full Paper, Talk)
Research Group:EWI-DIES: Distributed and Embedded Security, EWI-IS: Information Systems
Research Program:CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Research Project:IPID: Integrated Policy-based Intrusion Detection, PROSECCO: Next Generation Protection and Security of Content, VRIEND: Value-Based Security Risk Mitigation in Enterprise Networks that are Decentralized
ID Code:10782
Status:Published
Deposited On:20 July 2007
Refereed:Yes
International:Yes
More Information:statisticsmetis

Available Versions of this Item

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item