EEMCS

This is the latest version of this eprint.

Full text available as:

PDF - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader 415 Kb

Official URL: http://dx.doi.org/10.1109/BDIM.2007.375014

Abstract

The assessment and mitigation of risks related to the availability of the IT infrastructure is becoming increasingly important in modern organizations. Unfortunately, present standards for Risk Assessment and Mitigation show limitations when evaluating and mitigating availability risks. This is due to the fact that they do not fully consider the dependencies between the constituents of an IT infrastructure that are paramount in large enterprises. These dependencies make the technical problem of assessing availability issues very challenging. In this paper we define a method and a tool for carrying out a Risk Mitigation activity which allows to assess the global impact of a set of risks and to choose the best set of countermeasures to cope with them. To this end, the presence of a tool is necessary due to the high complexity of the assessment problem. Our approach can be integrated in present Risk Management methodologies (e.g. COBIT) to provide a more precise Risk Mitigation activity. We substantiate the viability of this approach by showing that most of the input required by the tool is available as part of a standard business continuity plan, and/or by performing a common tool-assisted Risk Management.

Available Versions of this Item

• Model-Based Mitigation of Availability Risks (deposited 17 February 2007)
  • Model-Based Mitigation of Availability Risks (deposited 01 June 2007)
    [Currently Displayed]

Export this item as:

• BibTeX
• XML

To correct this item please ask your editor

Repository Staff Only: edit this item