Information Security and System Development

Conference paper

Abstract

Due to globalization, stronger competition, increased complexity, information explosion, interconnection and exten-sive use of IT data and information management are main performance driver and key differentiator for sustainable or-ganization success. Long time organizations had developed IT systems regarding overall access rights. Due to stronger re-quirements of data protection code and increased requirements for data integrity, availability and confidentiality information security is a key requirement for system development. Many organizations of different sizes are implementing standard based management systems, such as quality ISO9001, environ-mental ISO14001or others, which are based on common prin-ciples: objectives and strategies, business processes, resource management and continuously optimization. Due to this situa-tion we used in different case studies as basis for system devel-opment a the organization adapted, holistic, standard based management system to analyze the system requirements. This promotes legal conformity, information security awareness, ef-fectiveness and information security improvement for sustain-able organization success.

Keywords

information security management system system development data protection system integrity 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [1]
    M. Hammer, Beyond reengineering, HarperCollins Business, London, 1996.Google Scholar
  2. [2]
    ISO/IEC 27001:2005 Information technology – Security techniques – Information security management systems – Requirements, 5.10.2005.Google Scholar
  3. [3]
    EN/ISO 9001:2000 Quality Management Systems – requirements, ISO 17.12.2000.Google Scholar
  4. [4]
    P. Osanna, M. Durakbasa and A. Afjehi-Sada, Quality in Industry, Vienna University of Technology, 2004.Google Scholar
  5. [5]
    Y. Akao, Quality Function Deployment, integrating customer requirements into product design, Productivity Press, Portland, 1990.Google Scholar
  6. [6]
    M. Stoll, Workplace Process Integrated Learning and Knowledge Organization, in H. Maurer and K. Tochtermann Eds. Proc. I-Know 07, 7th International Conference on Knowledge Management, J.UCS Journal of Universal Computer Science, Graz, 2007.Google Scholar
  7. [7]
    T. Davenport and L. Prusak, Working Knowledge, Harvard Business School Press, Boston, 1998.Google Scholar
  8. [8]
    R. Maier, Knowledge management systems, Springer, Berlin, 2002.Google Scholar
  9. [9]
    G. Riempp, Integrierte Wissensmanagementsysteme: Architektur und praktische Anwendung, Springer, Berlin, 2004.Google Scholar
  10. [10]
    G. Probst, S. Raub and K. Romhardt, Wissen managen, Gabler, Wiesbaden, 1999.Google Scholar
  11. [11]
    F. Lehner, Wissensmanagement: Grundlagen Methoden und technische Unterstützung, Hanser, München, 2006.Google Scholar
  12. [12]
    S. Güldenberg, Wissensmanagement und Wissenscontrolling in lernenden Organisationen. Deutscher Universitäts-Verlag, Wiesbaden, 1997.Google Scholar
  13. [13]
    P. Pawlowsky, Wissensmanagement, Erfahrungen und Perspektiven. Gabler, Wiesbaden, 1998.Google Scholar

Copyright information

© Springer Science+Business Media B.V. 2010

Authors and Affiliations

  1. 1.EURAC ResearchBozenItaly

Personalised recommendations