An Approach for Securing and Validating Business Processes Based on a Defined Enterprise Security Ontology Criteria

2011 ◽  
pp. 54-66 ◽  
Author(s):  
Ahmed A. Hussein ◽  
Ahmed Ghoneim ◽  
Reiner R. Dumke
Keyword(s):  
Business Processes ◽  
Enterprise Security

scholarly journals From keyboard to cloud-base network revamped data lifecycle cybersecurity

2021 ◽  
Vol 11 (3) ◽  
pp. 226-233
Author(s):  
Amadi Chukwuemeka Augustine ◽  
Juliet Nnenna Odii ◽  
Stanley A Okolie
Keyword(s):  
Security Policy ◽  
Business Processes ◽  
Good Practice ◽  
Building Blocks ◽  
Cloud Base ◽  
Data Life Cycle ◽  
Acceptable Use Policy ◽  
Security Infrastructure ◽  
Enterprise Security ◽  
Functional Components

This paper review seeks to identify the need for a revamped data life cycle security in the era of pervasive threat from skill cyber criminals at this time of internet of things. The motivation is to fill the knowledge gap by presenting some of the ways of data leakages and the likely protection in the organization. The aim is to present a good practice that encourages data confidentiality, acceptable use policy, knowledge of personnel and physical security policy. The building blocks of information security infrastructure across the entire organization is implemented by Enterprise Security Architecture. Rather than focus on individual functional and non-functional components in an individual application, it focuses on a strategic design for a set of security services that can be leveraged by multiple applications, systems, or business processes.

scholarly journals Methodology for Assessing the Risks of Information Enterprise Security Using Case Technologies

2021 ◽  
Vol 25 (5) ◽  
pp. 41-49
Author(s):  
А. V. Gavrilov ◽  
V. A. Sizov ◽  
E. V. Yaroshenko
Keyword(s):  
Information Security ◽  
Business Processes ◽  
Educational Process ◽  
Security System ◽  
Security Measures ◽  
It Industry ◽  
Enterprise Information ◽  
Information Assets ◽  
Value Determination ◽  
Enterprise Security

Purpose of the study. Creating an effective information security system of an enterprise is impossible without an adequate assessment of the risks to which its assets are exposed. The results of such an assessment should become the basis for making decisions in the field of information security of the enterprise. Identification of information assets and assessment of their value, determination of the level of threats to the security of assets allow planning measures to create an enterprise information security system.This paper discusses a methodology for assessing the risks of information security of an enterprise, a distinctive feature and novelty of which is the use of modern tools and methods for constructing and analyzing business processes in order to identify the information assets of an enterprise to be protected.Materials and methods. It is proposed to identify information assets based on the model of business processes of the enterprise, performed using the IDEF0 methodology. Modeling of business processes was carried out in the Business Studio environment of the “Modern Management Technologies” company.The activity of a typical IT-industry company was considered as an example for the risk analysis.Results. The methodology for assessing the risks of information security of an enterprise described in the article has been successfully tested in the educational process. Its use in conducting laboratory classes in the discipline “Designing the information security system of enterprises and organizations” for masters studying in the direction of “Information security” allowed, according to the authors of the article, to increase the effectiveness of the formation of students’ professional competencies.Conclusion. The paper proposes a methodology for assessing information security risks for objects of an enterprise’s information infrastructure, which makes it possible to identify priority areas of information security at an enterprise. As a result of the application of the technique, a loss matrix is formed, showing the problem areas in the organization of information protection, which should be given priority attention when planning information security measures. Based on the data obtained, it is possible to form an economically justified strategy and tactics for the development of an enterprise information security system.

scholarly journals INFORMATION SECURITY AUDIT OF AN OPTOELECTRONIC DEVICE ENGINEERING ENTERPRISE

2020 ◽  
Vol 6 (2) ◽  
pp. 146-151
Author(s):  
Muratzhan B. Shakirov ◽  
Igor N. Karmanov
Keyword(s):  
Information Security ◽  
Development Strategy ◽  
Business Processes ◽  
Objective Assessment ◽  
Optoelectronic Device ◽  
Security Audit ◽  
Global Trend ◽  
Organization's Information Security ◽  
Enterprise Security ◽  
State Enterprises

Automated systems play a key role in supporting business processes of commercial and state enterprises. The widespread use of automated information systems for storing, processing and transmitting information makes the issues of their protection relevant, especially given the global trend towards an increase in the number of information attacks, leading to significant financial and material losses. The article demonstrates the importance of conducting an audit in the field of information security of optoelectronic instrumentation. The article discusses the stages and rules of conducting an information security audit, as well as the criteria for evaluating its results. Information security audit is one of the most efficient tools for obtaining an independent and objective assessment of the current level of enterprise security from information security threats. In addition, the audit results provide the basis for forming a development strategy for the organization’s information security system.

PERENCANAAN ARSITEKTUR ENTERPRISE MENGGUNAKAN EAP DENGAN ZACHMAN FRAMEWORK (Studi Kasus : CV BIENSI FESYENINDO)

2019 ◽  
Vol 2 (1) ◽  
pp. 1-16
Author(s):  
Anjas Tryana
Keyword(s):  
Enterprise Architecture ◽  
Business Processes ◽  
Current System ◽  
System Support ◽  
Architecture Model ◽  
Use Of Resources ◽  
Application Architecture ◽  
Data Architecture ◽  
Planning Methodology ◽  
Implementation Plans

With the development of technology today, it is very important for every company to plan and develop a system to support business processes in each company. Achieving the goals of an enterprise faces challenges and changes that require strategies for effective measures and efficient use of resources. One important and increasingly widely used strategy is the use and improvement of information system support for the enterprise. This plan can utilize enterprise architecture planning methodology that produces data architecture, application architecture, technology architecture, and the direction of its implementation plan for the enterprise.CV Biensi Fesyenindo is engaged in retail garment, with branches throughout Indonesia, covering the areas of Kalimantan, Sulawesai, NTB, NTT, Bali, Java and Sumatra. In their daily activities, they carry out production to distribution processes to meet market and employee needs.The enterprise architecture model used in this study is by using Enterprise Architecture Planning (EAP). EAP is a process of defining enterprise architecture that focuses on data architecture, applications and technology in supporting business and plans to implement the architecture, where the EAP method has several stages, starting from planning in planning, business modeling , Current System and Technology (Current System & Technology), Data Architecture (Data Architecture), Application Architecture (Applications Architecture), Technology Architecture (Technology Architecture), Implementation Plans (Implementation Plans).The results of this study are recommendations for information systems for Fesyenindo Biensi CV in the form of enterprise architecture planing blue print planning that is successful in defining 5 main business processes, which consist of application architecture data architecture and for technological architecture to produce technology architecture proposals divided into 5 chapters 110 pages .

Developing and implementing the risk management framework into business processes of Gazprom transgaz Tomsk Ltd., for implementation of the Eastern gas program of PJSC Gazprom

2020 ◽  
Vol 17 (1) ◽  
pp. 68-77
Author(s):  
V. E. Zaikovsky ◽  
A. V. Karev
Keyword(s):  
Risk Management ◽  
Human Resources ◽  
Management Information System ◽  
Business Processes ◽  
Project Success ◽  
Management Information ◽  
Timely Manner ◽  
Project Approach ◽  
Management Framework ◽  
Risk Management Framework

Project success depends on the ability to respond to risks and make correct decisions in a timely manner. The project approach provides a better framework for implementing a new management system into the company’s business processes. The risk management framework developed by the company comprises a risk management infrastructure, a set of standards, human resources, and a risk management information system. To improve staff compliance, it is necessary to provide training and to communicate the goals of the project effectively. It is also important to develop a motivation system because well trained and motivated staff are able to work more efficiently.

The impact of digitalization on business processes: case study: Kosovo SMEs

2018 ◽  
Author(s):  
Ylber Limani ◽  
Edmond Hajrizi ◽  
Rina Sadriu
Keyword(s):  
Business Processes ◽  
The Impact

Pemodelan Enterprise Arsitektur Sistem Informasi Pemesanan Jasa Percetakan Menggunakan Kerangka TOGAF

2020 ◽  
Vol 4 (2) ◽  
pp. 18
Author(s):  
Bibit - Sudarsono ◽  
Umi - Faddillah
Keyword(s):  
Information Systems ◽  
Business Process ◽  
Business Processes ◽  
Enterprise Modeling ◽  
Improve Performance ◽  
Business Opportunity ◽  
Service Information ◽  
Process Architecture ◽  
System Architecture Design ◽  
A Company

Printing service order information systems sometimes experience problems in completing running business processes including, frequent loss and inaccuracy in registering orders from customers, often also losing order data from customers, recording orders often experience errors, resulting inaccurate reporting of order data. A computerized ordering service information system will greatly help improve performance and accuracy in making reports on business processes running at a company. The existence of enterprise modeling of information systems ordering printing services with the TOGAF framework will be a method that greatly helps management make a decision that will synergize with the business process activities at the company. So that the objectives of the system can be achieved properly. The TOGAF framework can be a solution and will help to produce a system architecture design, a business process architecture, a technology architecture, a number of proposed business opportunity strategy proposals and an ongoing system change proposal.

Implementation of Booking Performance Application Using Bootstrap Case Study in PT XYZ

2019 ◽  
Vol 4 (1) ◽  
pp. 10
Author(s):  
Arfan Sansprayada ◽  
Kartika Mariskhana
Keyword(s):  
Information System ◽  
Business Processes ◽  
System Development ◽  
Basic Requirement ◽  
Application Development ◽  
Information System Development ◽  
Special Expertise ◽  
A Company ◽  
Need For Information

Abstract—The need for information system development in a company is a basic requirement that must be met by each company in order to run its business processes properly. This is the basic key in a company in order to provide maximum results to find as many profits or profits. Application development or requirements in the application also provide speed for employees to carry out their activities to work properly and optimally. The development of the era requires that companies must be productive and have innovations so that the business wheel of the company can run well. This is based on the development of technology that is so fast that it requires special expertise in its application. This research is expected to be able to help some problems that exist in a company. Where its application can make it easier for employees to carry out their respective duties and roles in order to maximize their potential. For companies, the application of this application can accommodate the company's business wheels so that they can be properly and correctly documented .   Keywords : Systems, Information, Applications

Strategic Planning Information Systems Enterprise Architecture Planning Method Case Study of Semarang City Public Works Department

2020 ◽  
Vol 2 (1) ◽  
pp. 114-122
Author(s):  
Agustinus Fritz Wijaya ◽  
Mahendra Wahyu Prasetyo
Keyword(s):  
Information Systems ◽  
Value Chain ◽  
Enterprise Architecture ◽  
Business Processes ◽  
Swot Analysis ◽  
Public Works ◽  
Value Chain Analysis ◽  
Application Architecture ◽  
Chain Analysis ◽  
The City

Semarang City Public Works Department is a state-owned enterprise that works in the area of public services in the city of Semarang. Most of the technological conditions in the Public Works Department are still in manual data management, which is hampering business processes from going well. Therefore this research was conducted to design an Information System at the Semarang City Public Works Department using the Enterprise Architecture Planning (EAP) method which includes a SWOT analysis and Value Chain analysis. The existing framework in the Enterprise Architecture Planning (EAP) method can help align the data architecture and application architecture to get the expected results, which is achieving the business objectives of the City of Semarang Public Works Department so that business functions can run by the desired business processes. This research resulted in several proposals for the development of Information Systems and Information Technology in organizations including the development of several applications in the next 5 years.

Sign in / Sign up

Export Citation Format

Share Document