• Aucun résultat trouvé

Presentation Asdenca 2015 paper

N/A
N/A
Info
Télécharger
Protected

Academic year: 2021

Partager "Presentation Asdenca 2015 paper"

Copied!
26
0
0

Chargement.... (Voir le texte intégral maintenant)

Texte intégral

(1)

RESEARCH OUTPUTS / RÉSULTATS DE RECHERCHE

Author(s) - Auteur(s) :

Publication date - Date de publication :

Permanent link - Permalien :

Rights / License - Licence de droit d’auteur :

Bibliothèque Universitaire Moretus Plantin

Institutional Repository - Research Portal

Dépôt Institutionnel - Portail de la Recherche

researchportal.unamur.be

University of Namur

Presentation Asdenca 2015 paper

Feltus, Christophe; Fontaine, François-Xavier; Grandry, Eric

Publication date:

2015

Document Version

Peer reviewed version

Link to publication

Citation for pulished version (HARVARD):

Feltus, C, Fontaine, F-X & Grandry, E 2015, Presentation Asdenca 2015 paper..

General rights

Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights. • Users may download and print one copy of any publication from the public portal for the purpose of private study or research. • You may not further distribute the material or use it for any profit-making activity or commercial gain

• You may freely distribute the URL identifying the publication in the public portal ?

Take down policy

If you believe that this document breaches copyright please contact us providing details, and we will remove access to the work immediately and investigate your claim.

(2)

ASDENCA 2015

1

Towards Systemic Risk Management in the frame of

Business Service Ecosystem

(3)

The challenge

Introducing the case study

The involved actors

The solution

The domain metamodel

The risk metamodel

The ArchiMate language

How it works

Paper files archiving services

Regulated Support-PFS services

Conclusion and future work

OUTLINE

(4)

The challenge

Introducing the case study

The involved actors

The solution

The domain metamodel

The risk metamodel

The ArchiMate language

How it works

Paper files archiving services

Regulated Support-PFS services

Conclusion and future work

OUTLINE

(5)

Telecommunication Ecosystem

Data Centers

Telecom

Service

Providers

Business Service Ecosystem

INTRODUCTION

4

Financial Ecosystem

Support-PFS

PFS

Government

Bodies

Customers

Trust!

Financial

Regulator

(CSSF)

Telecom

Regulator

(ILR)

Data Prot.

Regulator

(CNPD)

(6)

In July 2012, the circular CSSF 12/544 “Risk Based Approach” was released.

Within the CSSF mission of protecting the stability of the financial sector and

guaranteeing compliance with the applicable financial regulation, the aim of the

circular is to optimise the supervision framework applicable to the

Support-PFS by introducing the concept of “Risk Based Approach”.

Key points :

The development and implementation of a specific risk management system within

the Support-PFS

The self-assessment of the entity’s risks

The issuance of an annual Risk Analysis Report to the CSSF

The issuance of an annual Descriptive Report to the CSSF

THE CASE STUDY

(7)

The Commission de Surveillance du Secteur Financier is a public institution which

supervises the professionals and products of the Luxembourg financial sector. It

supervises, regulates, authorises, informs, and, where appropriate, carries out on-site

inspections and issues sanctions. Moreover, it is in charge of promoting transparency,

simplicity and fairness in the markets of financial products and services and is

responsible for the enforcement of laws on financial consumer protection and on the

fight against money laundering and terrorist financing.

For more information:

www.cssf.lu

CSSF

THE ACTORS

(8)

A key player in research and innovation in Luxembourg, the Luxembourg Institute of

Science and Technology (LIST) covers with its 630 employees the domains of materials,

environment and IT. As an RTO (Research and Technology Organisation) and with its

interdisciplinary impact-driven approach, LIST contributes to the development of

Luxembourg’s economy and society.

For more information:

www.list.lu

LIST

THE ACTORS

(9)

“Any organization where the operational activities of which are

financed by external stakeholder may be considered as an enterprise.”

Source: Capability-Based Business Model Transformation, Martin Henkel, Ilia Bider, Erik Perjons,

ASDENCA 2014

Extending the frontier of the system beyond the frontier of the enterprise

Moving towards the systemic risk management

Why did we accept this challenge?

MOTIVATION

(10)

The challenge

Introducing the case study

The involved actors

The solution

The domain metamodel

The risk metamodel

The ArchiMate language

How it works

Paper files archiving services

Regulated Support-PFS services

Conclusion and future work

OUTLINE

(11)

1) A metamodel for modelling the

ecosystem capabilities and resources

SOLUTION

10

Sandkuhl, K., Koç, H.: On the Applicability of Concepts from

Variability Modelling in Capability Modelling: Experiences

from a Case in Business Process Outsourcing, ASDENCA

2014, Greece

2) A risk management approach

based on the ISSRM metamodel

Mayer, N., Heymans ,P., Matulevicius, R.: Design of a

Modelling Language for Information System Security Risk

Management, RCIS, 2007

3) A language to sustain the

systemic risk management

Grandry, E., Feltus, C., Dubois, E.: Conceptual Integration of

Enterprise Architecture Management and Security Risk

Management, SOEA4EE, EDOC WS, 2013

(12)

Business Service Ecosystem (BSE) Metamodel

MODELLING THE ECOSYSTEM

11

e

co

sy

st

e

m

le

ve

l

e

nt

er

pr

is

e l

ev

el

Capability:

The ability and capacity that enable an

enterprise to achieve a business goal in a

certain context. (A: the ability to regulate

the ecosystem) (B: capacity to provide

financial advice)

Resource:

An asset that an organization has or can

call upon. (A: employees that manage the

ecosystem) (B: financial asset

management software)

Goal:

A desired state of affairs that needs to be

obtained. (A: guarantee the delivery of

secure financial services) (B: make profits)

Service:

Acts performed for others, including the

provision of resources that others will use.

specializes

specializes

(13)

BSE instantiated to the financial ecosystem

MODELLING THE ECOSYSTEM

(14)

Information System Security Risk Management Model

ISSRM

(15)

Mapping ISSRM – BSE metamodel

MODELLING THE RISKS

(16)

ARCHIMATE LANGUAGE

(17)

The challenge

Introducing the case study

The involved actors

The solution

The domain metamodel

The risk metamodel

The ArchiMate language

How it works

Paper files archiving services

Regulated Support-PFS services

Conclusion and future work

OUTLINE

(18)

Use case: Paper files archiving services

ENTERPRISE RISK LANGUAGE

(19)

Use case: Paper files archiving services (2/2)

MODELLING THE RISKS

(20)

Use case: Regulated Support-PFS services

SYSTEMIC RISK LANGUAGE

(21)

Use case: Regulated Support-PFS services

SYSTEMIC RISK LANGUAGE

(22)

The challenge

Introducing the case study

The involved actors

The solution

The domain metamodel

The risk metamodel

The ArchiMate language

How it works

Paper files archiving services

Regulated Support-PFS services

Conclusion and future work

OUTLINE

(23)

Risk management at system level:

The BSE metamodel built from the capability-resource pattern

The ISSRM – BSE mapping

The ArchiMate language extension to represent the risk management

We have demonstrated:

The use of a few concepts to model a complex ecosystem

Risk management at enterprise level can be raised at ecosystem level

(fractal pattern)

The Archimate mapping brings a language and the link between risk

management and enterprise architecture

Our contributions

CONCLUSION

(24)

Future work:

Deepening the relationship between enterprise risk and systemic risk

Deepening the role of the service as a hyphen between both levels

Improving the variability aspect by raising the context to the ecosystem level

New perspectives:

Extension to other purposes than risk management (business alignment,

process assessment, compliance)

Extension to systems with many regulators

Extension outside the boundaries of the ecosystem (link regulators from

multiple ecosystems)

New perspectives and future work

CONCLUSION

(25)

THANK YOU FOR LISTENING

24

(26)

REFERENCES

References

• España, S., González, T., Grabis, J., Jokste, L., Juanes, R., Valverde, F.: Capability-Driven Development of a SOA Platform: A Case Study. ASCDENCA 2014, Greece.

• Stirna, J.: Capability as a Service in digital enterprises, position presentation at “Digital Business Innovation Paths” Event - How to take Digital Business Innovation to the next level? July 8, 2014, Belgium.

• Helfat, C. E., Winter, S. G.: Untangling Dynamic and Operational Capabilities: Strategy for the (N)ever-Changing World, Strat. Mgmt. J., Vol 32/11.

• Henkel, M., Bider, I., Perjons, E.: Capability-Based Business Model Transformation. L. S. Iliadis, M. P. ASCDENCA 2014, Greece.

• Teece, D. J., Pisano, G., Shuen, A.: Dynamic Capabilities and Strategic Management, Strategic Management Journal, Vol. 18, No. 7. (Aug., 1997), pp. 509-533.

• Sandkuhl, K., Koç, H.: On the Applicability of Concepts from Variability Modelling in Capability Modelling: Experiences from a Case in Business Process Outsourcing. ASCDENCA 2014, Greece.

• Stirna, J., Sandkuhl, K.: An Outlook on Patterns as an Aid for Business and IT Alignment with Capabilities. ASCDENCA 2014, Greece.

• Mayer, N.; Aubert, J.; Cholez, H.; Grandry, E.: Sector-Based Improvement of the Information Security Risk Management Process in the Context of Telecommunications Regulation, 20th European Conference, EuroSPI 2013, Ireland.

• Cholez, H., Feltus, C.: Towards an Innovative Systemic Approach of Risk Management. SIN '14. ACM, New York, NY, USA, Pages 61.

• Rafati, L., Poels, G.: Capability Sourcing Modeling - A High-Level Conceptualization Based on Service-Dominant Logic, ASCDENCA 2014, Greece.

• Barney, J. B.: Gaining and Sustaining Competitive Advantage. Prentice-Hall, 2002.

• Mayer, N., Heymans, P., Matulevicius, R. Design of a Modelling Language for Information System Security Risk Management. RCIS. 2007.

• Taking Service Forward, http://takingserviceforward.org

• Rosen, M.: Are Capabilities Architecture? BPTrends, http://www.bptrends.com/ publicationfiles/02-05-2013-COL-BA-Are%20Capabilities%20Arch.pdf, 2013.

• CSSF, Circulaire CSSF 12/544, Optimisation of the supervision exercised on the "support PFS" by a risk-based approach, 2012.

• Grandry, E., Feltus, C., Dubois, E.: Conceptual Integration of Enterprise Architecture Management and Security Risk Management. SOEA4EE, EDOC WS, 2013.

• The Open Group: ArchiMate 2.1 Specification. Van Haren Publishing, 2012.

• Parent, C., Spaccapietra, S.: Database integration: The key to data interoperability. In Advances in Object-Oriented Data Modeling, pages 221-253. 2000.

• Zivkovic, S., Kühn, H., Karagiannis, D.: Facilitate modelling using method integration: An approach using mappings and integration rules, ECIS, 2007.

Références

Télécharger maintenant ( PDF - 26 Page - 1.61 MB )

Documents relatifs

A COMPARATIVE ANALYSIS OF BUSINESS PROCESS MODELLING TECHNIQUES

• Scope: Since object interaction diagrams are used to realise use cases, the business process modelling elements that are represented with BUCs can be

Experiences from Teaching Enterprise Modelling to Students of Information Systems

In this paper, we describe how Masters students at a university studying Infor- mation Systems (IS) adapt to Enterprise Modelling. The paper will present our expe-

Conceptual Modelling and Artificial Intelligence: Overview and research challenges from the perspective of predictive business process management

The particular case of integrating AI and Modelling, namely, using deep learning for predictive process management, exemplifies several challenges:..  Understanding of the term

Conceptual Modelling in Education: a Position Paper

• by implementing novel modelling methods as proofs-of-concepts created for a selected domain / purpose, including certain types of model-enabled evaluation

Modelling Business Processes for Outsourcing into the Fog and Cloud Computing

3, an extended version of the telemedicine process using the proposed elements has been illustrated to represent BP requirements for outsourcing into the Cloud and Fog

Business Process Modelling for a Data Exchange Platform

From a technical point of view, these service providers can be also seen as data providers and data consumers at the same time, e.g., they receive data as a data consumer from some

From paper to impact – business process management at SAP

We demonstrate value of process management by delivering process improvement projects using standardized ser- vices and LEAN methodology based on documented processes as included

Business Processes to Touch: Engaging Domain Experts in Process Modelling

This interface, called Metasonic Touch, is a commercial product based on results of the European research project IANES (Interactive Acquisition, Negotiation and Enactment