Auditing Security of Information Flows

Perspectives in Business Informatics Research: 15th International Conference (BIR 2016): Proceedings 2016
Dmitrijs Kozlovs, Mārīte Kirikova

Auditing security of information flows is still considered as one of the challenges in business information systems development. There are different standards and approaches that address information security. However, due to the number of information assets that have to be audited and the frequency of their changes the audit becomes complex and sometimes too subjective. Therefore, to have an opportunity to audit information security at the business process level, we needed to find a method that gives the base structure for the audit activities and supports the choice of information assets for the audit. In this regard, the Security Requirement Elicitation from Business Process approach, which focuses on information security requirements in business processes, provided an idea to ground the audit approach in business processes and information flows in them in order to facilitate integrated consideration of both, business and technology, aspects during the audit.

Atslēgas vārdi
Information flows, Information security, Security audit, Business processes based security engineering
DOI
10.1007/978-3-319-45321-7_15
Hipersaite
http://link.springer.com/chapter/10.1007%2F978-3-319-45321-7_15

Kozlovs, D., Kirikova, M. Auditing Security of Information Flows. No: Perspectives in Business Informatics Research: 15th International Conference (BIR 2016): Proceedings, Čehija, Prague, 15.-16. septembris, 2016. Cham: Springer International Publishing, 2016, 204.-219.lpp. ISBN 978-3-319-45320-0. e-ISBN 978-3-319-45321-7. ISSN 1865-1348. Pieejams: doi:10.1007/978-3-319-45321-7_15

Publikācijas valoda
English (en)