Business Process Round Table
Forensic-Ready Information Security through Business Processes
Abstract: The topic of the session is security and forensic-ready risk management guided by BPMN (Business Process Model and Notation). Starting from a business process model of the information system, we show how to elicit the goals of forensic readiness and the relevant security risk landscape, and how to use these models in analysis. The overall aim is to introduce forensic readiness into an information system: maximising the value of the evidence available in the system so that it is ready to respond to incidents, legal actions, disputes, compliance obligations, and release orders.
Such a forensic-ready system complements existing information security processes by accounting for the observability of events and for the response to risk events. Based on the business processes, it provides a structured, tool-supported way to identify business goals, the evidence that is available, and the relevant risks. Together, these activities can improve the organisation's overall security and forensic readiness posture.