An enterprise assurance framework
نویسندگان
چکیده
This paper explores generating and conveying confidence in enterprise security. An enterprise assurance framework provides a structure enterprise assurance evidence that strengthens and clarifies the overall enterprise assurance argument. The structure and components of these arguments are defined and then applied to an enterprise. Finally, standards of evidence and evidence trade-offs are mentioned. This paper is largely based on a recent NIST internal report called “A Framework for Reasoning about Assurance.”
منابع مشابه
IA OM as an Enterprise Risk Management Metric
Ting and Comings [1] described how to use the Information Assurance (IA) Object Measurement (OM®) metric as a tool to measure the monitoring step (Step 6) described in the United States (U.S.) National Institute of Standards and Technology’s (NIST) Risk Management Framework (RMF)1 [2]. This chapter expands the applicability of the IA OM® metric and shows how it may be used as an enterprise-wide...
متن کاملReputation Risk Management in the Framework of Enterprise Risk Management: Evidences from an Active Financial Institution in the Capital Market of Iran
Reputation risk as one of the most important risks in any competitive industry and market should be considered before all the risks of the enterprise which also affects other risks. This research aims to review and manage reputation risk in the framework of enterprise risk management. Considering the importance of the subject and lack of available studies in this field, the innovation of presen...
متن کاملProviding an Enterprise Architecture Framework Model for Laboratory Information Management Systems by Service Oriented Approach
Background and Aim: Laboratories are one of the most important scientific and research centers. Laboratory information management systems provide a platform for recording the information and collaborating between researchers. The main purpose of this study was suggesting an organizational architecture model of laboratory information management systems. Materials and Methods: This study was a ...
متن کاملAutomatic Generation of Interaction Models for Enterprise Software Environment Emulation
In modern enterprise software environments, software systems often need to cooperate with other systems to fulfil their responsibilities. A significant challenge is how to assure the quality of such software systems before deploying them in realistic software environment. Enterprise software environment emulation is an emerging technique for quality assurance. By replacing software systems with...
متن کاملAn Integrated Enterprise Resources Planning (ERP) Framework forFlexible Manufacturing SystemsUsing Business Intelligence (BI)Tools
Nowadays Business intelligence (BI) tools provide optimal decision making, analyzing, controlling and monitoring of operations in enterprise systems like enterprise resource planning (ERP) and mainly refer to strong decision making methods used in online analytical processing, reporting and data analysis, such as improve internal processes, analysis of resources, information needs analysis, red...
متن کامل