TY - GEN
T1 - Computer systems & information SSR
T2 - 2007 53rd Annual Reliability and Maintainability Sympsoium, RAMS
AU - Shirtz, Dov
AU - Bluvband, Zigmund
AU - Elovici, Yuval
AU - Shoval, Peretz
PY - 2007/8/2
Y1 - 2007/8/2
N2 - Safety, Security and Reliability (SSR) of complex systems are the three interacting and most important risk related factors. In many cases of failure events, the Security function assumes charge, and manages the failure event and its resolution. But does the Security function consistently apply the optimal failure resolution methods? This paper proposes that several organizational functions, including Information Security (IS), should analyze, manage, and resolve each failure case in a coordinated effort, based on the failure classification and prioritization, and then apply appropriate Corrective Actions (CA). Such coordination may result in applying a CA that is sub-optimal by Security standards, yet optimal from the organization's perspective. An innovative composite methodology for identifying, prioritizing and selecting failures and incidents for appropriate treatment is suggested. The methodology is based on organizational priorities, knowledge and considers the analyses results of End Effects (EE), solutions and CAs.
AB - Safety, Security and Reliability (SSR) of complex systems are the three interacting and most important risk related factors. In many cases of failure events, the Security function assumes charge, and manages the failure event and its resolution. But does the Security function consistently apply the optimal failure resolution methods? This paper proposes that several organizational functions, including Information Security (IS), should analyze, manage, and resolve each failure case in a coordinated effort, based on the failure classification and prioritization, and then apply appropriate Corrective Actions (CA). Such coordination may result in applying a CA that is sub-optimal by Security standards, yet optimal from the organization's perspective. An innovative composite methodology for identifying, prioritizing and selecting failures and incidents for appropriate treatment is suggested. The methodology is based on organizational priorities, knowledge and considers the analyses results of End Effects (EE), solutions and CAs.
KW - Decision making
KW - Safety
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=34547341055&partnerID=8YFLogxK
U2 - 10.1109/RAMS.2007.328110
DO - 10.1109/RAMS.2007.328110
M3 - Conference contribution
AN - SCOPUS:34547341055
SN - 0780397665
SN - 9780780397668
T3 - 2007 Proceedings - Annual Reliability and Maintainability Symposium, RAMS
SP - 427
EP - 433
BT - 2007 Annual Reliability and Maintainability Symposium
Y2 - 22 January 2006 through 25 January 2006
ER -