Business process-based valuation of IT-Security

T. Neubauer, M. Klemen,S. Biffl:
"Business process-based valuation of IT-Security";
Vortrag: 7th International Workshop on Economics-Driven Software Engineering Research EDSER'05, St. Louis, Missouri; 15.05.2005; in:"Proceedings of the 7th International Workshop on Economics-Driven Software Engineering Research EDSER'05, Volume 30 Issue 4", ACM Press, (2005), ISBN: 1-59593-118-x; S. 1 - 5.

[ Publication Database ]

Abstract:


Growing business integration raises the need for secure business processes as security problems can affect the profit and the reputation of a company. However, decisions regarding a reasonable level of security in a business environment are often made in a value-neutral way.This paper presents a framework for the valuation of cost-benefit of various security levels with business processes. The framework can be used for planning security levels in software development and allows further continuous monitoring and improvement of cost-benefit of security measures along with operative business processes.