BUSINESS PROCESSES MANAGEMENT AS SUPPORT TOOL IN THE INFORMATION SECURITY MANAGEMENT
The processes that involve the information and knowledge management on organizations require the definition of processes related to information security management. In this sense, business process management approach is an important support tool, both in view as the mapping and definition of its processes. The aim of this paper is to present a report of experience with the use of business process management with a focus on processes of information security. Using the case study technique, was observed in an information security core of a public institution of higher education, an initiative in which the processes were mapped and improved. In this paper is described the process of releasing public IP address that was modeled using BPMN notation. In this process, opportunities for improvement were identified during the analysis and modeling of its current state. These improvements were represented during the modeling of the future status process. As a result indicates that the analysis of vulnerabilities and compliance audit activities are the main improvements that have been implemented in this case. With regard to business process management initiative observed in the case study, it was found that the perspective of business processes can assist in information security management as it allows review activities and resources used to plan and formalize how to manage and communicate processes involved.
PaperID: p 2756-2770
Author's Name: Fernando Della Flora and Cristiano Tolfo
Volume: Volume 6
Issues: Volume 6
Keywords: Information security management; business processed management; process modeling; BPMN.