Business driven ICT risk management in the banking domain with RACOMAT

Viehmann, Johannes

2017

Conference Paper

Abstract

Bringing business risk management and technical security risk management together is one of the major challenges banks currently struggle with in order to increase their resilience against cyber security threats. This short paper presents a systematic approach for such an integrated security risk management which is currently developed in cooperation with a system-relevant bank. The approach uses well known methods and existing standards, it takes advantage of knowledge databases and available generic domain specific models. A first case study has just started. With tool support and especially with a high level of automation the presented approach might become applicable even for large banks.

Author(s)

Viehmann, Johannes

Fraunhofer-Institut für Offene Kommunikationssysteme FOKUS

Hauptwerk

Risk Assessment and Risk-Driven Quality Assurance. 4th International Workshop, RISK 2016

Konferenz

International Workshop on Risk Assessment and Risk-Driven Testing (RISK) 2016

International Conference on Testing Software and Systems (ICTSS) 2016

Options

Business driven ICT risk management in the banking domain with RACOMAT