Modeling and analyzing risk is one of the most critical activity in system engineering and approaches like Fault Tree Analysis, Event Tree Analysis, Failure Modes and Criticality Analysis have been proposed in literature. All these approaches focus on the system-to-be without considering the impact of the associated risks to the organization where the system will operate. On the other hand, the tendency is more and more to consider software development as a part of organizational development. In this paper, we propose a framework to model and reason about risk at organizational level, namely considering the system-to-be along the organizational setting. The framework extends Tropos, a methodology that has been proved effective in modeling strategic interests of the stakeholders at organizational level. We introduce a number of different means that help the analyst to identify and enumerate relevant treatments for risk mitigation. Experimental results are finally presented and discussed.
Modelling and Analysing Risk at Organizational Level / Asnar, Yudistira; Giorgini, Paolo. - ELETTRONICO. - (2006), pp. 1-20.
Modelling and Analysing Risk at Organizational Level
Asnar, Yudistira;Giorgini, Paolo
2006-01-01
Abstract
Modeling and analyzing risk is one of the most critical activity in system engineering and approaches like Fault Tree Analysis, Event Tree Analysis, Failure Modes and Criticality Analysis have been proposed in literature. All these approaches focus on the system-to-be without considering the impact of the associated risks to the organization where the system will operate. On the other hand, the tendency is more and more to consider software development as a part of organizational development. In this paper, we propose a framework to model and reason about risk at organizational level, namely considering the system-to-be along the organizational setting. The framework extends Tropos, a methodology that has been proved effective in modeling strategic interests of the stakeholders at organizational level. We introduce a number of different means that help the analyst to identify and enumerate relevant treatments for risk mitigation. Experimental results are finally presented and discussed.| File | Dimensione | Formato | |
|---|---|---|---|
|
modelling_and_analysing_risk_at_organizational_level.pdf
accesso aperto
Tipologia:
Versione editoriale (Publisher’s layout)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
1.08 MB
Formato
Adobe PDF
|
1.08 MB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione
