Model-Based Mitigation of Availability Risks

Emmanuele Zambon, D. Bolzoni, Sandro Etalle, Marco Salvato

    Research output: Book/ReportReportProfessional

    8 Citations (Scopus)
    82 Downloads (Pure)

    Abstract

    The assessment and mitigation of risks related to the availability of the IT infrastructure is becoming increasingly important in modern organizations. Unfortunately, present standards for Risk Assessment and Mitigation show limitations when evaluating and mitigating availability risks. This is due to the fact that they do not fully consider the dependencies between the constituents of an IT infrastructure that are paramount in large enterprises. These dependencies make the technical problem of assessing availability issues very challenging. In this paper we define a method and a tool for carrying out a Risk Mitigation activity which allows to assess the global impact of a set of risks and to choose the best set of countermeasures to cope with them. To this end, the presence of a tool is necessary due to the high complexity of the assessment problem. Our approach can be integrated in present Risk Management methodologies (e.g. COBIT) to provide a more precise Risk Mitigation activity. We substantiate the viability of this approach by showing that most of the input required by the tool is available as part of a standard business continuity plan, and/or by performing a common tool-assisted Risk Management.
    Original languageUndefined
    Place of PublicationEnschede
    PublisherCentre for Telematics and Information Technology (CTIT)
    Number of pages10
    Publication statusPublished - 31 Jan 2007

    Publication series

    NameCTIT Technical Report Series
    PublisherCentre for Telematics and Information Technology, University of Twente
    No.2/TR-CTIT-07-04
    ISSN (Print)1381-3625

    Keywords

    • IR-66988
    • EWI-9449
    • SCS-Cybersecurity
    • METIS-242053

    Cite this