Modeling and Reconfiguration of critical Business Processes for the purpose of a Business Continuity Management respecting Security Risk and Compliance requirements at Credit Suisse using Algebraic Graph Transformation: Extended Version
[en] Critical business processes can fail. A Business Continuity Management System is a special
management system that will de ne how to recover from such failures and speci es temporary
work-arounds to make sure a company is not going out of business in the worst case. However,
because today's implementations are primarily organizational best-practice solutions, their
security, risk and compliance issues in such a recovery situation are mostly unknown.
Algebraic graph theory can be used as a formal method supporting employees when running business processes need to be recon gured to recover from speci c failures. The example
discussed is a loan granting process in a real-world banking environment. Because such a
process has to respect certain laws, regulations and rules even in emergency situations, we
sketch how this can be done during the process recon guration by looking at security, risk
and compliance issues, compatible with the graph technique. Furthermore, we show how the
analysis can be extended to requirements concerning the information
ow using the process
algebra mCRL2.
Disciplines :
Computer science
Author, co-author :
Brandt, Christoph
Hermann, Frank ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Groote, Jan-Friso
Language :
English
Title :
Modeling and Reconfiguration of critical Business Processes for the purpose of a Business Continuity Management respecting Security Risk and Compliance requirements at Credit Suisse using Algebraic Graph Transformation: Extended Version
