Auflistung nach Schlagwort "risk management"
1 - 6 von 6
Treffer pro Seite
Sortieroptionen
- WorkshopbeitragComparison of the FMEA and STPA safety analysis methods-a case study(Software Engineering and Software Management 2019, 2019) Sulaman, Sardar Muhammad; Beer, Armin; Felderer, Michael; Höst, MartinThis summary refers to the paper ’Comparison of the FMEA and STPA safety analysis methods–a case study’ [Su17]. The paper was published as an article in the Software Quality Journal. It compares the Failure Mode and Effect Analysis (FMEA) and the System Theoretic Process Analysis (STPA) in an industrial case study.
- ZeitschriftenartikelExPDT: Ein Policy-basierter Ansatz zur Automatisierung von Compliance(Wirtschaftsinformatik: Vol. 50, No. 5, 2008) Sackmann, Stefan; Kähmer, MartinUnternehmen sehen sich steigenden Anforderungen aus neuen Gesetzen, regulatorischen Vorschriften, Standards, Governance und auch Verträgen gegenüber. Durch den Einsatz von Informationstechnologie kann die Validierung der Einhaltung solcher Regeln (Compliance) automatisiert und effizienter erreicht werden. Aktuelle Ansätze basieren im Wesentlichen auf Zugangskontrolle und der Dokumentation der tatsächlichen Nutzung von Daten sowie Durchführung von Prozessen. Damit können zwar einzelne Compliance-Anforderungen adressiert werden, ein effizienter IT-Einsatz erfordert jedoch einen allgemeinen Ansatz. Hierfür wird ein Rahmenwerk zur Automatisierung von Compliance vorgestellt. „Policies“, wie sie aus der IT-Sicherheit bekannt sind, werden als Schlüssel zur Automatisierung von Compliance identifiziert, da sie eine Brücke zwischen nicht-technischen Compliance-Anforderungen und deren Umsetzung in IT-Systemen bieten. Es wird die Policy-Sprache ExPDT präsentiert und gezeigt, inwieweit diese zur automatisierten Einhaltung von Compliance-Anforderungen eingesetzt werden kann, ohne die situationsspezifisch erforderliche Adaptivität von Geschäftsprozessen zu gefährden.AbstractRemaining in compliance with growing requirements from new laws, regulations, standards, or contracts demands increasing IT support beyond simple reporting tools or archiving solutions. However, an efficient IT support of compliance management requires a more general approach. In this contribution, a framework for automating compliance is introduced. Policies are seen as the key to aligning non-technical compliance requirements to a technical IT system. The policy language ExPDT is presented and evaluated with regard to maintaining flexibility of business processes and validating compliance.
- KonferenzbeitragMigrating a Multi-Million Lines Smalltalk System to Java – A Project Presentation(Softwaretechnik-Trends Band 39, Heft 2, 2019) Borkowski, UdoparcIT provides software and methodology services for bank management, risk management and rating procedures. Initially written in Smalltalk the software evolved to a hybrid Smalltalk-Java system with more than 3 MLOC Smalltalk and more than 4 MLOC Java code. We will present how we plan to migrate the software to a Java-only solution
- KonferenzbeitragRisk-Oriented Security Engineering(Automotive - Safety & Security 2017 - Sicherheit und Zuverlässigkeit für automobile Informationstechnik, 2017) Ebert, ChristofVirtually every connected system will be attacked sooner or later. A 100% secure solution is not feasible. Therefore, advanced risk assessment and mitigation is the order of the day. Risk-oriented security engineering for automotive systems helps in both designing for robust systems as well as effective mitigation upon attacks or exploits of vulnerabilities. Security must be integrated early in the design phase of a vehicle to understand the threats and risks to car functions. The security analysis provides requirements and test vectors and adequate measures can be derived for balanced costs and efforts. The results are useful in the partitioning phase when functionality is distributed to ECUs and networks. We will show with concrete examples how risk-oriented cyber security can be successfully achieved in automotive systems. Three levers for automotive security are addressed: (1) Product, i.e., designing for security for components and the system, (2) Process, i.e., implementing cyber security concepts in the development process and (3) Field, i.e., ensuring security concepts are applied during service activities and effective during regular operations.
- KonferenzbeitragRisks and risk management in ERP project - cases in SME context(Business Information Systems – 9th International Conference on Business Information Systems (BIS 2006), 2006) Ojala, Mika; Vilpola, Inka; Kouri, IlkkaEnterprise resource planning (ERP) projects are considered to be expensive, time-consuming, difficult to manage and risky. This paper presents how companies should consider and manage the risks in their ERP project. The focus in a qualitative case study is on small and medium-sized enterprises (SMEs) and it illustrates how the risks in the case firms are identified, analyzed and managed.
- ZeitschriftenartikelTransformation von Finanzintermediären durch Informationstechnologie(Wirtschaftsinformatik: Vol. 45, No. 5, 2003) Ulrich Buhl, Hans; Kundisch, DennisThe German financial services market is in a fundamental phase of transition and many big German financial services providers are in crisis. Business information system sciences may help a great deal improving the situation by the development of theory-based recommendations. In this contribution the current state of the market as well as its perspectives for the future are presented. Moreover, up-to-date research projects in the domain are discussed.