Masterarbeit, 2020
86 Seiten, Note: 1.0
The objective of this master's thesis is to develop an automated assessment framework for IT security risks within enterprise architectures. This framework aims to provide a comprehensive, company-wide view of threats, overcoming the limitations of siloed traditional approaches. The research employs a design science research paradigm.
Chapter 1: Introduction: This chapter introduces the problem of increasing complexity in enterprise architectures and associated IT security risks, highlighting the limitations of traditional, siloed risk management approaches. It establishes the need for an automated, comprehensive assessment framework and outlines the thesis's objective: to develop the Enterprise Architecture Management Risk Assessment (ERA) framework. The chapter lays the groundwork for the subsequent chapters, explaining the research methodology and the structure of the thesis.
Chapter 2: Related Work: This chapter reviews existing literature on IT risk management and enterprise architecture management, identifying relevant concepts and approaches. It analyzes the strengths and weaknesses of current methodologies for assessing IT security risks and lays the foundation for the design of the novel ERA framework. This section explores the gaps in existing literature that the thesis intends to address, contextualizing the significance of the proposed framework within the current state of the field. The analysis of previous works critically evaluates their effectiveness and limitations, leading to a clear justification for the need for a new approach.
Chapter 3: Methodology: This chapter details the research methodology employed in developing the ERA framework. It explains the adoption of the design science research paradigm, outlining the iterative process of problem analysis, requirements gathering, artifact design, prototyping, implementation, and evaluation. This section justifies the selection of the design science research approach and explains how this approach is used to guide the development and evaluation of the ERA framework, demonstrating a clear understanding of the research process.
Chapter 4: Development of the ERA Framework: This chapter presents the detailed design and development of the ERA framework. It describes the architecture, functionality, and key components of the framework, explaining how it integrates concepts from IT risk management and enterprise architecture management. The chapter elaborates on the design choices and decisions made during the development process, justifying the selected architecture and functionality based on the requirements gathered in previous chapters. It outlines the technical details of the ERA framework, providing a clear understanding of its inner workings and capabilities.
Chapter 5: Case Study and Evaluation: This chapter describes the prototypical implementation and evaluation of the ERA framework as a dashboard solution within a case study with a German bank. The evaluation, conducted in two iterations—qualitative via expert interviews and quantitative via a survey— assesses the usability, usefulness, and non-triviality of the framework. The findings of both qualitative and quantitative evaluations are presented, including feedback from experts and survey participants. The chapter analyzes the results, highlighting strengths and weaknesses of the implemented framework and identifying potential areas for improvement.
IT security risk assessment, enterprise architecture management, automated risk assessment, design science research, ERA framework, dashboard solution, IT risk management, case study, qualitative evaluation, quantitative evaluation.
The primary objective is to develop an automated assessment framework for IT security risks within enterprise architectures. This framework aims to provide a comprehensive, company-wide view of threats, addressing limitations of traditional, siloed approaches.
The research employed a design science research paradigm, following an iterative process of problem analysis, requirements gathering, artifact design, prototyping, implementation, and evaluation.
The developed framework is called the Enterprise Architecture Management Risk Assessment (ERA) framework.
Key themes include automated IT security risk assessment, the integration of IT risk management and enterprise architecture management, the development of the ERA framework, its prototypical implementation and evaluation, and contributions to research at the interface of IT security and enterprise architecture management.
The thesis details the architecture, functionality, and key components of the ERA framework in Chapter 4. It explains how it integrates concepts from IT risk management and enterprise architecture management and justifies the design choices made during development.
The ERA framework was evaluated through a case study with a German bank. Evaluation involved two iterations: qualitative evaluation via expert interviews and quantitative evaluation via a survey, assessing usability, usefulness, and non-triviality.
Chapter 1 introduces the problem and the thesis objective. Chapter 2 reviews existing literature. Chapter 3 details the research methodology. Chapter 4 presents the ERA framework's design and development. Chapter 5 describes the case study and evaluation. Chapter 6 (Conclusion) is excluded per instructions.
Key words include IT security risk assessment, enterprise architecture management, automated risk assessment, design science research, ERA framework, dashboard solution, IT risk management, case study, qualitative evaluation, and quantitative evaluation.
The ERA framework was prototypically implemented as a dashboard solution within a case study with a German bank.
Both qualitative data (expert interviews) and quantitative data (a survey) were collected and analyzed to evaluate the usability, usefulness, and non-triviality of the ERA framework.
Der GRIN Verlag hat sich seit 1998 auf die Veröffentlichung akademischer eBooks und Bücher spezialisiert. Der GRIN Verlag steht damit als erstes Unternehmen für User Generated Quality Content. Die Verlagsseiten GRIN.com, Hausarbeiten.de und Diplomarbeiten24 bieten für Hochschullehrer, Absolventen und Studenten die ideale Plattform, wissenschaftliche Texte wie Hausarbeiten, Referate, Bachelorarbeiten, Masterarbeiten, Diplomarbeiten, Dissertationen und wissenschaftliche Aufsätze einem breiten Publikum zu präsentieren.
Kostenfreie Veröffentlichung: Hausarbeit, Bachelorarbeit, Diplomarbeit, Dissertation, Masterarbeit, Interpretation oder Referat jetzt veröffentlichen!
Kommentare