Information Security and System Development

  • Margareth Stoll
  • Dietmar Laner
Conference paper


Due to globalization, stronger competition, increased complexity, information explosion, interconnection and exten-sive use of IT data and information management are main performance driver and key differentiator for sustainable or-ganization success. Long time organizations had developed IT systems regarding overall access rights. Due to stronger re-quirements of data protection code and increased requirements for data integrity, availability and confidentiality information security is a key requirement for system development. Many organizations of different sizes are implementing standard based management systems, such as quality ISO9001, environ-mental ISO14001or others, which are based on common prin-ciples: objectives and strategies, business processes, resource management and continuously optimization. Due to this situa-tion we used in different case studies as basis for system devel-opment a the organization adapted, holistic, standard based management system to analyze the system requirements. This promotes legal conformity, information security awareness, ef-fectiveness and information security improvement for sustain-able organization success.


information security management system system development data protection system integrity 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    M. Hammer, Beyond reengineering, HarperCollins Business, London, 1996.Google Scholar
  2. [2]
    ISO/IEC 27001:2005 Information technology – Security techniques – Information security management systems – Requirements, 5.10.2005.Google Scholar
  3. [3]
    EN/ISO 9001:2000 Quality Management Systems – requirements, ISO 17.12.2000.Google Scholar
  4. [4]
    P. Osanna, M. Durakbasa and A. Afjehi-Sada, Quality in Industry, Vienna University of Technology, 2004.Google Scholar
  5. [5]
    Y. Akao, Quality Function Deployment, integrating customer requirements into product design, Productivity Press, Portland, 1990.Google Scholar
  6. [6]
    M. Stoll, Workplace Process Integrated Learning and Knowledge Organization, in H. Maurer and K. Tochtermann Eds. Proc. I-Know 07, 7th International Conference on Knowledge Management, J.UCS Journal of Universal Computer Science, Graz, 2007.Google Scholar
  7. [7]
    T. Davenport and L. Prusak, Working Knowledge, Harvard Business School Press, Boston, 1998.Google Scholar
  8. [8]
    R. Maier, Knowledge management systems, Springer, Berlin, 2002.Google Scholar
  9. [9]
    G. Riempp, Integrierte Wissensmanagementsysteme: Architektur und praktische Anwendung, Springer, Berlin, 2004.Google Scholar
  10. [10]
    G. Probst, S. Raub and K. Romhardt, Wissen managen, Gabler, Wiesbaden, 1999.Google Scholar
  11. [11]
    F. Lehner, Wissensmanagement: Grundlagen Methoden und technische Unterstützung, Hanser, München, 2006.Google Scholar
  12. [12]
    S. Güldenberg, Wissensmanagement und Wissenscontrolling in lernenden Organisationen. Deutscher Universitäts-Verlag, Wiesbaden, 1997.Google Scholar
  13. [13]
    P. Pawlowsky, Wissensmanagement, Erfahrungen und Perspektiven. Gabler, Wiesbaden, 1998.Google Scholar

Copyright information

© Springer Science+Business Media B.V. 2010

Authors and Affiliations

  1. 1.EURAC ResearchBozenItaly

Personalised recommendations