Modeling enterprise risk management and security with the ArchiMate language

Iver Band, Wilco Engelsman, Christophe Feltus, Sonia González Paredes, Jim Hietala, Henk Jonkers, Sébastien Massart

Résultats de recherche: Autre contribution

1893 Downloads (Pure)

Résumé

Enterprise Architects can use the ArchiMate® language to model Enterprise Risk Management (ERM) and security concepts and relationships. This widely accepted open standard provides the modeling constructs to describe and interconnect business and technical architectures. Applying the ArchiMate language to represent risk and security concepts results in the ideal vehicle to consider these aspects in an integral way. The ArchiMate language fits well with other Enterprise Architecture (EA) frameworks and standards, such as the TOGAF® standard and the Zachman framework, as well as enterprise security management frameworks such as the Sherwood Applied Business Security Architecture (SABSA).
Through its Motivation extension, the ArchiMate language makes it possible to link control measures to security requirements, principles, and goals, as well as to the results of a risk analysis. On the other hand, ArchiMate models can be linked to design languages for business processes and IT solutions such as BPMN and UML. These linkages enable precise gathering of a set of broadly accepted risk and security concepts, analysis of their semantics, and consensus regarding the most important ones of the full scope of enterprise risk.
This White Paper, a joint project of The Open Group ArchiMate Forum and The Open Group Security Forum, demonstrates this approach and identifies opportunities for future work that would enhance it.
langue originaleAnglais
TypeA White Paper Published by The Open Group
Nombre de pages42
étatPublié - janv. 2015
Modification externeOui

Empreinte digitale

Risk management
Industry
Risk analysis
Semantics

Citer ceci

Band, I., Engelsman, W., Feltus, C., González Paredes, S., Hietala, J., Jonkers, H., & Massart, S. (2015, janv.). Modeling enterprise risk management and security with the ArchiMate language.
Band, Iver ; Engelsman, Wilco ; Feltus, Christophe ; González Paredes, Sonia ; Hietala, Jim ; Jonkers, Henk ; Massart, Sébastien. / Modeling enterprise risk management and security with the ArchiMate language. 2015. 42 p.
@misc{d2d92390811345be868098a06f243a96,
title = "Modeling enterprise risk management and security with the ArchiMate language",
abstract = "Enterprise Architects can use the ArchiMate{\circledR} language to model Enterprise Risk Management (ERM) and security concepts and relationships. This widely accepted open standard provides the modeling constructs to describe and interconnect business and technical architectures. Applying the ArchiMate language to represent risk and security concepts results in the ideal vehicle to consider these aspects in an integral way. The ArchiMate language fits well with other Enterprise Architecture (EA) frameworks and standards, such as the TOGAF{\circledR} standard and the Zachman framework, as well as enterprise security management frameworks such as the Sherwood Applied Business Security Architecture (SABSA). Through its Motivation extension, the ArchiMate language makes it possible to link control measures to security requirements, principles, and goals, as well as to the results of a risk analysis. On the other hand, ArchiMate models can be linked to design languages for business processes and IT solutions such as BPMN and UML. These linkages enable precise gathering of a set of broadly accepted risk and security concepts, analysis of their semantics, and consensus regarding the most important ones of the full scope of enterprise risk.This White Paper, a joint project of The Open Group ArchiMate Forum and The Open Group Security Forum, demonstrates this approach and identifies opportunities for future work that would enhance it.",
author = "Iver Band and Wilco Engelsman and Christophe Feltus and {Gonz{\'a}lez Paredes}, Sonia and Jim Hietala and Henk Jonkers and S{\'e}bastien Massart",
note = "Document No.: W150",
year = "2015",
month = "1",
language = "English",
type = "Other",

}

Band, I, Engelsman, W, Feltus, C, González Paredes, S, Hietala, J, Jonkers, H & Massart, S 2015, Modeling enterprise risk management and security with the ArchiMate language..

Modeling enterprise risk management and security with the ArchiMate language. / Band, Iver; Engelsman, Wilco; Feltus, Christophe; González Paredes, Sonia; Hietala, Jim; Jonkers, Henk; Massart, Sébastien.

42 p. 2015, A White Paper Published by The Open Group.

Résultats de recherche: Autre contribution

TY - GEN

T1 - Modeling enterprise risk management and security with the ArchiMate language

AU - Band, Iver

AU - Engelsman, Wilco

AU - Feltus, Christophe

AU - González Paredes, Sonia

AU - Hietala, Jim

AU - Jonkers, Henk

AU - Massart, Sébastien

N1 - Document No.: W150

PY - 2015/1

Y1 - 2015/1

N2 - Enterprise Architects can use the ArchiMate® language to model Enterprise Risk Management (ERM) and security concepts and relationships. This widely accepted open standard provides the modeling constructs to describe and interconnect business and technical architectures. Applying the ArchiMate language to represent risk and security concepts results in the ideal vehicle to consider these aspects in an integral way. The ArchiMate language fits well with other Enterprise Architecture (EA) frameworks and standards, such as the TOGAF® standard and the Zachman framework, as well as enterprise security management frameworks such as the Sherwood Applied Business Security Architecture (SABSA). Through its Motivation extension, the ArchiMate language makes it possible to link control measures to security requirements, principles, and goals, as well as to the results of a risk analysis. On the other hand, ArchiMate models can be linked to design languages for business processes and IT solutions such as BPMN and UML. These linkages enable precise gathering of a set of broadly accepted risk and security concepts, analysis of their semantics, and consensus regarding the most important ones of the full scope of enterprise risk.This White Paper, a joint project of The Open Group ArchiMate Forum and The Open Group Security Forum, demonstrates this approach and identifies opportunities for future work that would enhance it.

AB - Enterprise Architects can use the ArchiMate® language to model Enterprise Risk Management (ERM) and security concepts and relationships. This widely accepted open standard provides the modeling constructs to describe and interconnect business and technical architectures. Applying the ArchiMate language to represent risk and security concepts results in the ideal vehicle to consider these aspects in an integral way. The ArchiMate language fits well with other Enterprise Architecture (EA) frameworks and standards, such as the TOGAF® standard and the Zachman framework, as well as enterprise security management frameworks such as the Sherwood Applied Business Security Architecture (SABSA). Through its Motivation extension, the ArchiMate language makes it possible to link control measures to security requirements, principles, and goals, as well as to the results of a risk analysis. On the other hand, ArchiMate models can be linked to design languages for business processes and IT solutions such as BPMN and UML. These linkages enable precise gathering of a set of broadly accepted risk and security concepts, analysis of their semantics, and consensus regarding the most important ones of the full scope of enterprise risk.This White Paper, a joint project of The Open Group ArchiMate Forum and The Open Group Security Forum, demonstrates this approach and identifies opportunities for future work that would enhance it.

M3 - Other contribution

ER -

Band I, Engelsman W, Feltus C, González Paredes S, Hietala J, Jonkers H et al. Modeling enterprise risk management and security with the ArchiMate language. 2015. 42 p.