Automated risk assessments using a contextual data model that correlates physical and logical assets

US 8,150,717 B2
Filed: 01/14/2008
Issued: 04/03/2012
Est. Priority Date: 01/14/2008
Status: Expired due to Fees

First Claim

Patent Images

1. A method for performing risk assessment for an information system comprising:

receiving, via at least one computer device executing computer program instructions, an initiating event, wherein said initiating event comprises an automatic trigger event resulting from an occurrence of a predefined state of an information system;

accessing, via at least one computer device executing computer program instructions, a contextual data model of the information system and a set of data instances representing at least one operating state of the information system, wherein the contextual data model defines relationships between physical and logical assets of the information system;

analyzing, via at least one computer device executing computer program instructions, the contextual data model and set of data instances in relation to a previously established user-selected scenario;

generating, via at least one computer device executing computer program instructions, an action plan for the information system and the previously established user-selected scenario;

determining, via at least one computer device executing computer program instructions, an automation status of the action plan; and

when the automation status is determined to be affirmative, automatically executing, via at least one computer device executing computer program instructions, at least one automation rule to implement the action plan, wherein the automation rule comprises at least one automated process, wherein the at least one automated process executes a series of commands within the information system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An automated method, system, device, and/or computer program for performing risk assessment for an information system. A risk assessment tool can receive a scenario for which to perform a risk assessment. A contextual data model and a set of data instances for the information system can be accessed. The contextual data model can define relationships between physical and logical assets of the information system. The contextual data model and set of data instances can be analyzed in relation to the scenario. An action plan can be generated that addresses the scenario.

Citations

17 Claims

1. A method for performing risk assessment for an information system comprising:
- receiving, via at least one computer device executing computer program instructions, an initiating event, wherein said initiating event comprises an automatic trigger event resulting from an occurrence of a predefined state of an information system;
  
  accessing, via at least one computer device executing computer program instructions, a contextual data model of the information system and a set of data instances representing at least one operating state of the information system, wherein the contextual data model defines relationships between physical and logical assets of the information system;
  
  analyzing, via at least one computer device executing computer program instructions, the contextual data model and set of data instances in relation to a previously established user-selected scenario;
  
  generating, via at least one computer device executing computer program instructions, an action plan for the information system and the previously established user-selected scenario;
  
  determining, via at least one computer device executing computer program instructions, an automation status of the action plan; and
  
  when the automation status is determined to be affirmative, automatically executing, via at least one computer device executing computer program instructions, at least one automation rule to implement the action plan, wherein the automation rule comprises at least one automated process, wherein the at least one automated process executes a series of commands within the information system.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the automation status is controlled by a user-configurable value within the risk assessment tool.
  - 3. The method of claim 1, further comprising:
    - when the automation status is determined to be adverse, presenting the action plan for manual implementation.
  - 4. The method of claim 1, wherein analyzing the contextual data model and set of data instances in relation to the user-selected scenario further comprises:
    - determining, via at least one computer device executing computer program instructions, a set of assets within the information system that need to be considered for the user-selected scenario;
      
      compiling, via at least one computer device executing computer program instructions, relationships and dependencies for the set of assets under consideration;
      
      ascertaining, via at least one computer device executing computer program instructions, at least one risk relationship for the compiled relationships and dependencies; and
      
      calculating, via at least one computer device executing computer program instructions, a level of risk for the at least one risk relationship.
  - 5. The method of claim 4, wherein ascertaining at least one risk relationship for the compiled relationships and dependencies comprises:
    - utilizing a set of business rules representing a plurality of predetermined policies for addressing risk factors and operation of the information system.
  - 6. The method of claim 4, further comprising calculating a level of risk for the at least one risk relationship in accordance with a standardized risk assessment methodology.
  - 7. The method of claim 4, further comprising:
    - comparing the calculated level of risk with a risk threshold value, wherein the risk threshold value represents a maximum level of risk allowed within the information system.

8. An automated system for performing risk assessment for an information system that correlates physical and logical assets comprising:
- a contextual data model of an information system that is digitally encoded in a non-transitory computer usable storage medium, said contextual data model defining a plurality of assets and relationships between said plurality of assets, wherein the contextual data model comprises at least one data model representing the information system, wherein the at least one data model of the information system discriminates and relates physical and logical assets of the information system;
  
  a set of data instances digitally encoded in a non-transitory computer usable storage medium, said set of data instances representing at least one operating state of the information system; and
  
  an information systems risk assessment tool, comprising computer program instructions stored on a non-transitory storage medium and that are executable by at least one processor, configured to utilize the contextual data model and the set of data instances to automatically determine an action plan, wherein the action plan is determined for a user-defined scenario, wherein said user-defined scenario defines a set of conditions for automatically initiating a programmatic operation that results in the information systems risk assessment tool generating the action plan, wherein said information systems risk assessment tool is selectively configurable to produce said action plan for a static risk assessment at a defined point in time, wherein said risk assessment tool is selectively configurable to produce said action plan for an static risk assessment for a defined time window, and wherein said risk assessment tool is selectively configurable to produce said action plan for a dynamic risk assessment performed against the information system in at least one of real-time and near real time.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The system of claim 8, wherein the risk assessment tool further comprises:
    - a user interface, produced by computer program instructions stored on a non-transitory storage medium being executed by at least one processor, configured to accept at least one user-entered parameter, wherein the at least one user-entered parameter defines a condition for one of an asset and a relationship contained within the contextual data model;
      
      a set of business rules, digitally encoded and stored in a non-transitory medium, representing a plurality of predetermined policies for addressing risk factors and operation of the information system; and
      
      a risk analysis engine, comprising computer program instructions stored on a non-transitory storage medium and that are executable by at least one processor, configured to utilize the at least one user-entered parameter, the set of business rules, the contextual data model, and the set of data instances to determine at least one course of action and a risk metric corresponding to the at least one course of action, wherein the at least one course of action and corresponding risk metric are contained within the action plan.
  - 10. The system of claim 9, wherein the risk assessment tool further comprises:
    - a set of automation rules defining at least one automated process, wherein the at least one automated process executes a series of commands within the information system to implement the at least one course of action of the action plan.
  - 11. The system of claim 10, wherein an execution of an automation rule is performed automatically based upon a business rule.
  - 12. The system of claim 8, wherein at least one data instance of the set of data instances is received in real-time from at least one component of the information system.

13. A computer program product comprising a non-transitory computer useable storage medium having computer usable program embodied therewith, wherein the computer usable program code when executed on a computer causes the computer to:
- receive an initiating event, wherein said initiating event comprises an automatic trigger event resulting from an occurrence of a predefined state of an information system;
  
  access a contextual data model of the information system and a set of data instances representing at least one operating state of the information system, wherein the contextual data model defines relationships between physical and logical assets of the information system;
  
  analyze the contextual data model and set of data instances in relation to a previously established user-selected scenario;
  
  generate an action plan for the information system and the previously established user-selected scenario;
  
  determine an automation status of the action plan; and
  
  when the automation status is determined to be affirmative, automatically execute at least one automation rule to implement the action plan, wherein the automation rule comprises at least one automated process, wherein the at least one automated process executes a series of commands within the information system.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The computer program product of claim 13, wherein the automation status is controlled by a user-configurable value within the risk assessment tool.
  - 15. The computer program product of claim 13, wherein the computer usable program code when executed on a computer further causes the computer to:
    - when the automation status is determined to be adverse, present the action plan for manual implementation.
  - 16. The computer program product of claim 13, when the computer usable program code causes the computer to analyze the contextual data model and set of data instances in relation to the user-selected scenario, the computer usable program code further causes the computer to:
    - determine a set of assets within the information system that need to be considered for the user-selected scenario;
      
      compile relationships and dependencies for the set of assets under consideration;
      
      ascertain at least one risk relationship for the compiled relationships and dependencies; and
      
      calculate a level of risk for the at least one risk relationship.
  - 17. The computer program product of claim 13, when the computer usable program code causes the computer to:
    - compare the calculated level of risk with a risk threshold value, wherein the risk threshold value represents a maximum level of risk allowed within the information system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Whitmore, James J.
Primary Examiner(s)
RANKINS, WILLIAM E

Application Number

US12/013,720
Publication Number

US 20090182593A1
Time in Patent Office

1,541 Days
Field of Search

705/7.11, 705/7.28
US Class Current

705/7.11
CPC Class Codes

G06Q 10/063   Operations research, analys...

G06Q 10/0635   Risk analysis of enterprise...

G06Q 40/08   Insurance

Automated risk assessments using a contextual data model that correlates physical and logical assets

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Automated risk assessments using a contextual data model that correlates physical and logical assets

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links