Developing an Empirical Relationship to Propose an Information Security Assurance Model for Collaborating Business Processes

摘要

During the last few decades, organizations have re-engineered business processes on the back of digital data and computer networks. Recently, organizations are beginning to realize that increased accessibility, and productivity, carries a hidden cost of making the data more vulnerablein security breaches. It makes intuitive sense to incorporate information security into strategic decisionmaking during business process. Consequentially, companies are often enhanced sub-optimally retrofit security into their business processes in response to security breaches. The presentinvestigation presents an information security risk analysis proactively conducted at an internationally well renowned business organization. The prime goal of the study was to propose an information security assurance model for collaborating business processes. The business processes haveto handle sensitive information either in structured or unstructured forms that may be leaked by security flaws in business transactions. An empirical model of a risk based enhanced security for business processes is proposed with suitable metrics during the integration of the structured andunstructured information for business continuity. This research also describes the dynamic activation of appropriate safeguards; prevention and recovery from risks due to both the structured and unstructured information were considered. The expected business continuity (EBC) in business importanceand attack security index is proposed from the standards towards the security compliances.