Engineering Support for. Business Continuity Planning. Alvaro E. Arenas1, Philippe Massonet2,. Christophe Ponsard2 and Benjamin Aziz3. 1 IE Business ...
Goal-Oriented Requirements Engineering Support for Business Continuity Planning Alvaro E. Arenas1, Philippe Massonet2, Christophe Ponsard2 and Benjamin Aziz3 1 IE 2 3
Business School, IE University, Madrid, Spain. CETIC Research Centre, Charleroi, Belgium.
School of Computing, University of Portsmouth, Portsmouth, U.K.
MReBA 2015 - Stockholm, October 2015
Agenda • Introducing business continuity management (BCM) • Our approach to improve business continuity management using goal-oriented requirements • Description of the approach • Conclusions, limitations and future work
The cost of not acting in a situation of crisis can be very high…
1997, forced to stop production for 20 days due to problems in a provider. Losses around U$ 195 million
1998, operating system failures left the company out for 22 hours. Lost between U$ 3 and U$ 5 million and 26% reduction in value of the stock
It is not only about technology …
Business Continuity Management (BCM) • Ensure the continuity of critical business functions in an organization after a business interruption • Recovery a business function aims at maintaining corporate goals • such as preservation of the customer base, restore IT systems, ensure cash flow, maintain corporate image …
Several Approaches to BCM • • • •
ISO 22301 Standard ENISA D’Amico three phases …
• All have three interdependent objectives: • Identify major risks of business interruptions (requires the identification of key assets/functions) • Develop a business continuity plan (BCP) to mitigate or reduce the impact of the identified risks • Train employees and test the plan to ensure it is effective
Objective of the Research • BCM is criticized for no taking a holistic approach when analyzing the organization, and a lack of clear understanding of responsibilities in the BCP
• We investigate the use of Goal Oriented Requirements Engineering (GORE) techniques to help in the development of a BCP with the aim of overcoming these limitations
Agenda • Introducing business continuity management (BCM) • Our approach to improve business continuity management using goal-oriented requirements • Description of the approach • Conclusions, limitations and future work
Underlying Approach
ENISA Framework to BCM Main target: SMEs
Running Case Study • BCM for a dental equipment supplier • Company supplies both equipment and their maintenance • Most customers have annual maintenance contracts • Some have special contracts for expedite repair in case of equipment breakdown
Target GORE meta-model
Goal-Oriented Requirements Engineering
GORE Business Continuity Process
Agenda • Introducing business continuity management • Our approach to improve business continuity management using goal-oriented requirements • Description of the approach • Conclusion, limitations and future work
1. Select Risk Profile • Target four areas: legal and regulatory, reputation and customer confidence, productivity and financial stability risks • We assume that the risk profile selection has been done prior to modelling and that it is an input to the modelling process • Those risk areas are modelled as goals/obstacles and refined
• Risks related to regulation must be modelled as obstacles to goals for regulation and customer satisfaction
2. Critical Assets Identification • Critical business functions are functions whose interruption will lead to an organization suffering from serious financial, legal and/or other loss or penalty • For each critical business function, it is identified who is responsible for it and which assets are used in the function • Involve three steps:
• 2.1. ”Business Function Selection” • 2.2. ”Select Asset Types” • 2.3. ”Asset Continuity Requirements Analysis”
Critical Assets Identification
2.1 Business Function Selection • Critical business functions are identified as Goals because those functions directly relate to key organizational objectives
Critical Assets Identification 2.2. Select Asset Types • Object model capture all entities (mainly assets) and relationships bound to critical business functions
• Include agents responsible for the operations and objects involved
Critical Assets Identification
2.2. Asset Continuity Requirements Analysis • Aim at identifying the continuity requirements of main assets • We focus on obstacles to critical business functions using KAOS obstacle model
3. Control Selection • Controls refer to measures defined to control the identified risks • Involve three steps: • 3.1. ”Select Organizational Continuity Controls” • Applicable to the organization horizontally and are concerned with practices and management procedures
• 3.2. ”Select Asset-Based Continuity Controls” • Applicable to particular critical assets
• 3.3. ”Document List of Selected Controls”
3. Control Selection • The first two steps are modelled as obstacle resolutions • Obstacle resolution identifies new requirements that provide resolutions to the goal obstacles
• Step3 of the phase corresponds to documenting the selecting controls and presenting the rationale for the selection • This documentation is generated from the model using a requirements report generator
3. Control Selection • Using obstacle resolution operator both for organization and asset-based control • Different resolution tactics available: obstacle-driven, agent-driven, mitigate or ignore,… • Responsible agent identified at role or even possibly at instance level • Not done “once for all” (risk mitigation never complete) – notion of residual risk
4. Implementation and Management • For the BCP to be realizable, the proposed controls must be available
• Usually involve a gap analysis with respect to the existing practices
• GORE provide strong support to this because by comparing the as-is with to-be situation
• Both models generally share goals but could differ in more specific requirements and operationalization
• Based on the rich GORE model, generating the BCP is just a matter of querying the appropriate information to feed the right section of the plan
4. Implementation and Management • We implemented the described mapping in the Objectiver GORE tool, which supports report generation both to text (RTF, ODT) and table format (XLS, ODS)
Instance Level Example Generation of instance level responsibility tables • with concrete roles and attribute • such as John Smith should be the QualityControl agent with cell phone +04 65 78 98 00 • of course requires instance level modelling SELECT t.name as Role, s.Name as Name, s.Firstname as Firstname, s.Tel as Tel FROM Agent.instances as s, s.directIsOf as t WHERE t.name=“QualityControl” Role
Name
Firstname
Tel
Customer relationships
Gardner
Ana
+04 65 78 98 33
Customer relationships
Peal
Emma
+04 65 78 98 22
QualityControl
Johnson
Robert
+04 65 78 98 88
QualityControl
Smith
John
+04 65 78 98 00
GORE Business Continuity Process (recap)
Agenda • Introducing business continuity management • Our approach to improve business continuity management using goal-oriented requirements • Description of the approach • Conclusions, limitations and future work
Conclusions • BCM analysis is mostly a document intensive informal process driven by human analysts • The analysis produces a BCP that aims to operationally guarantee that key business functions are resilient in the face of serious incidents
• This paper has investigated how a GORE-based modeldriven approach could be applied to BCM analysis • The phases of the BCM analysis were modelled in terms of a goal-oriented requirements engineering methodology, improving quality of the analysis • The BCP is derived from the model, thus improving its quality compared to a human-driven semi-informal BC process, also improving updates.
Limitations and Future Work • A limitation in our work is the lack of empirical validation of the proposed approach • This is our next objective, and we are currently working with some European SMEs in the development of their BCP using our approach
• Additional future work includes: • Refining the mapping between BCM concepts and RE concepts • Investigating how formalizing some BCM properties in terms of requirements could enhance the BCP
