Model-based mitigation of availability risks

E. Zambon, D. Bolzoni, S. Etalle, M. Salvato

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    9 Citations (Scopus)
    6 Downloads (Pure)


    The assessment and mitigation of risks related to the availability of the IT infrastructure is becoming increasingly important in modern organizations. Unfortunately, present standards for risk assessment and mitigation show limitations when evaluating and mitigating availability risks. This is due to the fact that they do not fully consider the dependencies between the constituents of an IT infrastructure that are paramount in large enterprises. These dependencies make the technical problem of assessing availability issues very challenging. In this paper we define a method and a tool for carrying out a risk mitigation activity which allows us to assess the global impact of a set of risks and to choose the best set of countermeasures to cope with them. To this end, the presence of a tool is necessary, due to the high complexity of the assessment problem. Our approach can be integrated in present risk management methodologies (e.g. COBIT) to provide a more precise risk mitigation activity. We substantiate the viability of this approach by showing that most of the input required by the tool is available as part of a standard business continuity plan, and/or by performing a common tool-assisted risk management.
    Original languageEnglish
    Title of host publicationProceedings of the 2nd Business-Driven IT Management (BDIM 2007) 21-22 May 2007, Munich, Germany
    PublisherInstitute of Electrical and Electronics Engineers
    ISBN (Print)1-4244-1295-1
    Publication statusPublished - 2007
    Eventconference; BDIM 2007, Munich, Germany; 2007-05-21; 2007-05-22 -
    Duration: 21 May 200722 May 2007


    Conferenceconference; BDIM 2007, Munich, Germany; 2007-05-21; 2007-05-22
    OtherBDIM 2007, Munich, Germany


    Dive into the research topics of 'Model-based mitigation of availability risks'. Together they form a unique fingerprint.

    Cite this