A model supporting Business Continuity auditing & planning in Information Systems

Emmanuele Zambon, Damiano Bolzoni, Sandro Etalle, Marco Salvato

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    14 Citations (Scopus)
    81 Downloads (Pure)

    Abstract

    One of the main tasks of IT business continuity planning (BCP) is to guarantee that incidents affecting the IT infrastructure do not affect the availability of IT-dependent business processes beyond a given acceptable extent. Carrying out BCP of information systems is particularly challenging, because it has to take into consideration the numerous interdependencies between the IT assets typically present in an organization. In this paper we present a model and a tool supporting BCP auditing by allowing IT personnel to estimate and validate the Recovery Time Objectives (to be) set on the various processes of the organization. Our tool can be integrated in COBIT-based risk assessment applications. Finally, we argue that our tool can be particularly useful for the dynamic auditing of the BCP.
    Original languageEnglish
    Title of host publicationSecond International Conference on Internet Monitoring and Protection (ICIMP)
    Place of PublicationLos Alamitos
    PublisherIEEE
    Pages33-33
    Number of pages9
    ISBN (Print)0-7695-2911-9
    DOIs
    Publication statusPublished - 1 Jul 2007
    Event2nd International Conference on Internet Monitoring and Protection, ICIMP 2007 - San Jose, United States
    Duration: 1 Jul 20075 Jul 2007
    Conference number: 2

    Conference

    Conference2nd International Conference on Internet Monitoring and Protection, ICIMP 2007
    Abbreviated titleICIMP
    Country/TerritoryUnited States
    CitySan Jose
    Period1/07/075/07/07

    Keywords

    • SCS-Cybersecurity

    Fingerprint

    Dive into the research topics of 'A model supporting Business Continuity auditing & planning in Information Systems'. Together they form a unique fingerprint.

    Cite this