Sustaining Operational Resiliency: A Process Improvement Approach to Security Management

Abstract

Organizations face an ever-changing risk environment. The risk that emanates from the day- to-day activities of the organization, operational risk, is the subject of increasing attention, particularly in the banking and finance industry, because of the potential to significantly disrupt an organization's pursuit of its mission. Security, business continuity, and IT operations management are activities that traditionally support operational risk management. But collectively, they also converge to improve the operational resiliency of the organization the ability to adapt to a changing operational risk environment as necessary. Coordinating these efforts to sustain operational resiliency requires a process-oriented approach that can be defined, measured, and actively managed. This report describes the fundamental elements and benefits of a process approach to security and operational resiliency and provides a notional view of a framework for process improvement.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Apr 01, 2006
Accession Number
ADA446757

Entities

People

  • Richard A. Caralli

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Business Administration
  • Commerce
  • Computer Network Security
  • Information Security
  • Information Systems
  • Law
  • Management Personnel
  • Operations Management
  • Organizational Structure
  • Personnel Management
  • Risk
  • Risk Management
  • Security
  • Software Development
  • Supply Chain Management
  • United States
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Economics
  • Systems Analysis and Design