|
Title:
|
AUTOMATED MITIGATION OF IT RISKS IN AN ENTERPRISE RESOURCE PLANNING ENVIRONMENT |
|
Author(s):
|
Sohail Asghar , Abdul Mateen |
|
ISBN:
|
978-972-8924-57-7 |
|
Editors:
|
Miguel Baptista Nunes, Pedro IsaĆas and Philip Powell |
|
Year:
|
2008 |
|
Edition:
|
Single |
|
Type:
|
Short Paper |
|
First Page:
|
251 |
|
Last Page:
|
255 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
In the recent years, Enterprise Resource Planning (ERP) has gained much attention from researchers due to its complex
and risky nature in business enterprises. Therefore, the automation of business processes by the adoption of Enterprise
Resource Planning is associated with various risks within an organization, mainly due to electronic information and
process. Such risks are mainly related to three aspects of ERP which includes data, process, and security. There exist
well defined frameworks within organizations to control these risks manually. The past research has also identified and
categorized the risks that arise by the adoption of an ERP. It is evident from the literature review that significant work
has not been carried out to automate the control of these risks. Therefore, the objectives of this paper are two fold; (i)
based on the limitations of the previous work; to propose a conceptual framework which automatically monitors different
types of control risks by introducing computerized and automated monitoring procedures. Such procedures identify,
capture and trigger the unusual events related to data, process, and security behaviors; and (ii) to validate and evaluate the
procedures and the proposed framework by using an example application scenario. |
|
|
|
|
|
|
