Adapting Business Process Modeling Techniques for Risk Analysis of Computer Based Information Systems
This paper provides a novel approach for the modeling of undesired event sequences in complex computer based information systems. In doing so, it shows how object oriented event process chains (oEPC) are adapted for modeling undesired event sequences and presents a case study, where the approach is applied. Based on this approach system dynamcs and complexity can be analyzed and an efficient risk analysis approach can be established.
KeywordsInformation System Event Sequence Causal Loop Diagram Business Impact Event Drive Process Chain
Unable to display preview. Download preview PDF.
- 1.Sterman J.D. Business Dynamics. McGraw-Hill, New York, 2000Google Scholar
- 2.Basle Committee on Banking Supervision. Consultative Document. Overview of the New Basel Capital Accord. 2001Google Scholar
- 3.Mock R., Möhle F., Fischer A. Risk Analysis Related Issues of IT-Systems: Case Studies in Review. In: PSAM6. Elsevier, Amsterdam, 2002Google Scholar
- 5.Booch G., Rumbaugh J., Jacobson I. The Unified Modeling Language User Guide. Addison Wesley Longman, Reading, MA, 1999Google Scholar
- 6.Internet Security Systems, Alerts: Microsoft SQL Slammer Worm Propagation. Atlanta: January 25, 2003 [http://xforce.iss.net/xforce/xfdb/11153]Google Scholar