As business processes gain more importance in todays business environment, their unimpeded
execution is crucial for a company's success. Corporate decision makers are faced with a wide
spectrum of potential risks on the one hand and a plenitude of security safeguards on the
other hand. This paper gives an overview of a new approach for the elicitation of security
requirements of business processes, for the analysis of threats and vulnerabilities and for the
interactive selection of an optimal security level according to the given business processes as
well as multiple objectives. It provides decision makers with an instrument for interactively
de ning Secure Business Processes that are economically and technically e cient.