Validation of the Software Supporting Information Security and Business Continuity Management Processes

  • Conference paper

Part of the book series: Advances in Intelligent and Soft Computing ((AINSC,volume 170))

Abstract

The chapter presents the OSCAD tool supporting the business continuity (according to BS 25999) and information security management (according to ISO/IEC 27001) processes in organizations. First, the subject of the validation, i.e. the OSCAD software, is presented; next, the goal and range of the validation are briefly described. The validation is focused on the key management process related to risk analyses. A business-oriented, two-stage risk analysis method implemented in the tool assumes a business process criticality assessment at the first stage and a detailed analysis of threats and vulnerabilities for the most critical processes at the second stage of the risk analysis. The main objective of the validation is to answer how to integrate those two management systems in the most efficient way.



Author information

Corresponding author

Correspondence to Jacek Baginski.

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Baginski, J., Białas, A. (2013). Validation of the Software Supporting Information Security and Business Continuity Management Processes. In: Zamojski, W., Mazurkiewicz, J., Sugier, J., Walkowiak, T., Kacprzyk, J. (eds) Complex Systems and Dependability. Advances in Intelligent and Soft Computing, vol 170. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30662-4_1

  • DOI: https://doi.org/10.1007/978-3-642-30662-4_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-30661-7

  • Online ISBN: 978-3-642-30662-4

  • eBook Packages: Engineering, Engineering (R0)
