language definition [20, 45]. Steps 1-3 are intended to guarantee sound and agreed conceptual foundations. But these are not the only criteria. Hence, step 4 will also address the formal definition of syntax and semantics, which facilitates unambiguous interpretation and automated reasoning. We will also take into account "softer", but equally important properties, such as the appropriateness of the graphical symbols and structuring mechanisms.

Further motivations for this research method can be found in [11, 40, 41]. The reader should also note that although this process looks rather sequential, steps 1-4 are meant to be conducted in an iterative and incremental way. In this chapter we focus on the first two steps. In the conclusion, we report on the progress made with steps 3 and 4.
3 Survey of the Literature
The survey of the literature is divided into three parts. The first part (Sect. 3.1) delimits the scope of our survey and provides some basic definitions. The second part (Sect. 3.2) is concerned with ISSRM standards, methods and studies. These sources are used as foundations for the ISSRM domain model (which will be described in Sect. 5). The third part (Sect. 3.3) surveys the security-oriented modelling languages. Those are candidates for comparison and extension according to the ISSRM domain model. However, such comparisons and extensions are out of the scope of the present chapter.
3.1 Scope of the Survey and Basic Definitions
The most generally agreed upon definition of risk is the one found in ISO/IEC Guide 73. There, a risk is defined as a "combination of the probability of an event and its consequence" [22]. Following this definition, RM is defined as "coordinated activities to direct and control an organisation with regard to risk" [22]. Depending on the context, RM can address various kinds of issues [24, 54]. For example, risks can be related to the organisation's management (e.g., illness of a key person in regards to the business), finance (e.g., related to investment), environment (e.g., pollution), or security.
In our research, we focus only on security RM. Other kinds of risks, such as financial or project risk, are deemed out of scope. The common denominator of the ISSRM approaches is the fact that there are security objectives to reach (or security properties to respect) to ensure reasonable protection of the organisation's assets. Assets are generally defined as anything that has value to the organisation, and thus needs to be protected. However, we will always look at assets related to an organisation's IS, that is, "[a] system, whether automated or manual, that comprises people, machines, and/or methods organized to collect, process, transmit, and disseminate data that represent user information" [56]. Thus, in a given IS context, assets may