Conceptual Integration of enterprise architecture management and security risk management

Research output: Contribution in Book/Catalog/Report/Conference proceedingChapter

90 Downloads (Pure)

Abstract

Enterprise Architecture Management (EAM) is considered to provide the mechanism for, amongst others, governing enterprise transformations required by changes in the environment. In this paper, we focus on changes that result from the analysis of information security risks and of their impacts on the services delivered by an enterprise. We present how the concepts of an information system security risks management domain can be mapped into the ArchiMate enterprise architecture modeling language. We illustrate the application of the proposed approach through the handling of a lab case.

Original languageEnglish
Title of host publicationProceedings of the Fifth Workshop on Service oriented Enterprise Architecture for Enterprise Engineering (SoEA4EE’2013), an International Workshop of the 17th IEEE International EDOC Conference (IEEE EDOC 2013)
PublisherIEEE Computer society
Pages114-123
Number of pages10
DOIs
Publication statusPublished - 2013

Fingerprint

Enterprise Architecture
Risk Management
Risk management
Information Security
Modeling Language
Information Systems
Industry
Security of data
Information systems
Concepts

Keywords

  • Archimate
  • EAM
  • Enterprise model integration
  • Information security risk management

Cite this

Grandry, E., Feltus, C., & Dubois, E. (2013). Conceptual Integration of enterprise architecture management and security risk management. In Proceedings of the Fifth Workshop on Service oriented Enterprise Architecture for Enterprise Engineering (SoEA4EE’2013), an International Workshop of the 17th IEEE International EDOC Conference (IEEE EDOC 2013) (pp. 114-123). IEEE Computer society. https://doi.org/10.1109/EDOCW.2013.19
Grandry, Eric ; Feltus, Christophe ; Dubois, Eric. / Conceptual Integration of enterprise architecture management and security risk management. Proceedings of the Fifth Workshop on Service oriented Enterprise Architecture for Enterprise Engineering (SoEA4EE’2013), an International Workshop of the 17th IEEE International EDOC Conference (IEEE EDOC 2013). IEEE Computer society, 2013. pp. 114-123
@inbook{c25430ce619c4240866a0a8e1def1b99,
title = "Conceptual Integration of enterprise architecture management and security risk management",
abstract = "Enterprise Architecture Management (EAM) is considered to provide the mechanism for, amongst others, governing enterprise transformations required by changes in the environment. In this paper, we focus on changes that result from the analysis of information security risks and of their impacts on the services delivered by an enterprise. We present how the concepts of an information system security risks management domain can be mapped into the ArchiMate enterprise architecture modeling language. We illustrate the application of the proposed approach through the handling of a lab case.",
keywords = "Archimate, EAM, Enterprise model integration, Information security risk management",
author = "Eric Grandry and Christophe Feltus and Eric Dubois",
year = "2013",
doi = "10.1109/EDOCW.2013.19",
language = "English",
pages = "114--123",
booktitle = "Proceedings of the Fifth Workshop on Service oriented Enterprise Architecture for Enterprise Engineering (SoEA4EE’2013), an International Workshop of the 17th IEEE International EDOC Conference (IEEE EDOC 2013)",
publisher = "IEEE Computer society",

}

Grandry, E, Feltus, C & Dubois, E 2013, Conceptual Integration of enterprise architecture management and security risk management. in Proceedings of the Fifth Workshop on Service oriented Enterprise Architecture for Enterprise Engineering (SoEA4EE’2013), an International Workshop of the 17th IEEE International EDOC Conference (IEEE EDOC 2013). IEEE Computer society, pp. 114-123. https://doi.org/10.1109/EDOCW.2013.19

Conceptual Integration of enterprise architecture management and security risk management. / Grandry, Eric; Feltus, Christophe; Dubois, Eric.

Proceedings of the Fifth Workshop on Service oriented Enterprise Architecture for Enterprise Engineering (SoEA4EE’2013), an International Workshop of the 17th IEEE International EDOC Conference (IEEE EDOC 2013). IEEE Computer society, 2013. p. 114-123.

Research output: Contribution in Book/Catalog/Report/Conference proceedingChapter

TY - CHAP

T1 - Conceptual Integration of enterprise architecture management and security risk management

AU - Grandry, Eric

AU - Feltus, Christophe

AU - Dubois, Eric

PY - 2013

Y1 - 2013

N2 - Enterprise Architecture Management (EAM) is considered to provide the mechanism for, amongst others, governing enterprise transformations required by changes in the environment. In this paper, we focus on changes that result from the analysis of information security risks and of their impacts on the services delivered by an enterprise. We present how the concepts of an information system security risks management domain can be mapped into the ArchiMate enterprise architecture modeling language. We illustrate the application of the proposed approach through the handling of a lab case.

AB - Enterprise Architecture Management (EAM) is considered to provide the mechanism for, amongst others, governing enterprise transformations required by changes in the environment. In this paper, we focus on changes that result from the analysis of information security risks and of their impacts on the services delivered by an enterprise. We present how the concepts of an information system security risks management domain can be mapped into the ArchiMate enterprise architecture modeling language. We illustrate the application of the proposed approach through the handling of a lab case.

KW - Archimate

KW - EAM

KW - Enterprise model integration

KW - Information security risk management

UR - http://www.scopus.com/inward/record.url?scp=84893432236&partnerID=8YFLogxK

U2 - 10.1109/EDOCW.2013.19

DO - 10.1109/EDOCW.2013.19

M3 - Chapter

SP - 114

EP - 123

BT - Proceedings of the Fifth Workshop on Service oriented Enterprise Architecture for Enterprise Engineering (SoEA4EE’2013), an International Workshop of the 17th IEEE International EDOC Conference (IEEE EDOC 2013)

PB - IEEE Computer society

ER -

Grandry E, Feltus C, Dubois E. Conceptual Integration of enterprise architecture management and security risk management. In Proceedings of the Fifth Workshop on Service oriented Enterprise Architecture for Enterprise Engineering (SoEA4EE’2013), an International Workshop of the 17th IEEE International EDOC Conference (IEEE EDOC 2013). IEEE Computer society. 2013. p. 114-123 https://doi.org/10.1109/EDOCW.2013.19