Submission of the final report on December 15 completed the ITSE project. ITSE (Improvement of IT-Security in Enterprises based on Process Analysis and Risk Patterns) was a joint project of University of Tartu (Estonia), Riga Technical University (Latvia), and the Chair of Business Information Systems funded by Baltisch-Deutsches Hochschulkontor.
More about the ITSE project: The importance of introducing security engineering practices early in the development of information systems has been acknowledged. A new approach for security requirements elicitation from business processes (SREBP) supports identification of a complete set of security requirements in an efficient way. This contributes to improving IT-security in enterprises and secured enterprise architectures. The main goal of the project was to improve this approach for use in small and medium-sized enterprises (SME) and to incorporate it into enterprise architecture development cycle, creating a set of guidelines. Among the results are an enhanced SREBP method version and a tutorial, which were used in three companies.