Search results for "Security management"

showing 10 items of 26 documents

Using the ITIL Process Reference Model for Realizing IT Governance: An Empirical Investigation

2014

Information Technology Infrastructure Library ITIL is a popular framework for IT governance, but little academic research on ITIL exists. The authors investigate the overlap between ITIL and IT governance practices to illustrate ITIL's potential to stimulate IT governance. A field study shows that IT implementation success is particularly influenced by group efficacy and organizational resources, and, to a lesser extent, senior-management involvement. Findings show that ITIL, as expected, is a framework that contributes to IT governance by stimulating process management practices.

Knowledge managementbusiness.industryCorporate governanceIT service managementInformation technologyIT portfolio managementLibrary and Information SciencesCapacity managementComputer Science ApplicationsInformation Technology Infrastructure LibraryITIL security managementFinancial management for IT servicesbusinessInformation Systems
researchProduct

Managing information security in a business network of machinery maintenance services business – Enterprise architecture as a coordination tool

2007

Today, technologies enable easy access to information across organizational boundaries, also to systems of partners in business networks. This raises, however, several complex research questions on privacy, information security and trust. The study reported here provides motivation and a roadmap for approaching integrated security management solutions in a business network of partners with heterogeneous information and communication technologies (ICT): Systems, platforms, infrastructures as well as security policies. Enterprise architecture (EA) is proposed as a means for comprehensive and coordinated planning and management of corporate ICT and the security infrastructure. The EA approach …

Knowledge managementbusiness.industrySherwood Applied Business Security ArchitectureBusiness system planningEnterprise architectureInformation securityEnterprise information security architectureSecurity information and event managementInformation security managementHardware and ArchitectureBusiness architecturebusinessSoftwareInformation SystemsJournal of Systems and Software
researchProduct

Security Management of University Campuses

2017

Abstract The paper is approaching a sensitive topic which the whole society is facing, namely the security at a macro and micro-economic level. In this context, increasing the level of terrorism at all levels requires important measures to prevent the acts of terrorism and of providing a security that allows the development of all entities in the society. University offsets represent areas of agglomeration of young students living together, susceptible to challenging actions and to acts of terrorism that may occur at any time. The paper approaches a systemic and systematic thinking of untried actions to be taken for these structures, components of the university.

Military policyPolitical scienceSecurity managementPublic administrationBusiness managementInternational conference KNOWLEDGE-BASED ORGANIZATION
researchProduct

Information in the aspect of security threats and challenges

2019

INFORMATION IN THE ASPECT OF SECURITY THREATS AND CHALLENGESIn the article, the author describes the driving force behind deliberate informational activities. He pays particular attention to the current security situation in the information dimension. Existing systems in the area of security management should be resistant to disinformation and informational operations. There is no room for the freedom of interpretation of the information acquired since every decision results in the actions of people, therefore it requires accuracy and caution. This issue takes on a special dimension when it concerns the state, because this environment contains specific features such as a changing environmen…

National securitybusiness.industrymedia_common.quotation_subjectInterpretation (philosophy)Information processingComputer securitycomputer.software_genreinformation processingsecurity systeminformationResilience (organizational)ScarcitydisinformationDisinformationSecurity managementBusinessDimension (data warehouse)national securitycomputermedia_commonStudia nad Autorytaryzmem i Totalitaryzmem
researchProduct

Strategising IT service management through ITIL implementation: model and empirical test

2015

Research on the Information Technology Infrastructure Library (ITIL) lacks appropriate theories and models that capture the distinct characteristics and implications of the ITIL implementation practice. The purpose of this study is to close this gap. Based on a literature review, we develop and empirically validate a theoretical model: the ITIL Implementation Project Model. The model includes significant antecedents, which provide a foundation upon which an effective ITIL implementation project can be built, as well as the pertinent effects of implementing ITIL. The results contribute to the current research stream on the strategising of IT service management as well as to an improved under…

Process managementComputer sciencebusiness.industry05 social sciencesIT service managementIT portfolio management02 engineering and technologyGeneral Business Management and AccountingCapacity managementInformation Technology Infrastructure LibraryITIL security managementEmpirical researchFinancial management for IT services020204 information systems0502 economics and business0202 electrical engineering electronic engineering information engineeringIncident management (ITSM)business050203 business & managementTotal Quality Management & Business Excellence
researchProduct

Analysis of dynamic service oriented systems for security related problems detection

2017

The paper presents an approach to solve some problems arising in the management process of IT security. Our motivation of this research is to study in every detail the context of service oriented systems, which can be defined as considerable heterogeneous, dynamic and flexible configuration of the hardware and software system resources. The fundamental difference between security management systems with traditional centralized and monolithic architecture and service oriented systems is discussed. We propose a multilayered-reference model for service-oriented systems aimed predominantly at principal objectives related to IT based systems security working in dynamic environments. Likewise, co…

Security engineeringCloud computing securitysecurity incidentsSecurity serviceSoftware security assuranceComputer scienceDistributed computingSherwood Applied Business Security Architecturesecurity levelSecurity managementservice oriented systemsComputer security modelSecurity information and event management
researchProduct

Tailorable Representation of Security Control Catalog on Semantic Wiki

2018

Selection of security controls to be implemented is an essential part of the information security management process in an organization. There exist a number of readily available information security management system standards, including control catalogs, that could be tailored by the organizations to meet their security objectives. Still, it has been noted that many organizations tend to lack even the implementation of the fundamental security controls. At the same time, semantic wikis have become popular collaboration and information sharing platforms that have proven their strength as an effective way to distribute domain-specific information within an organization. This paper evaluates…

World Wide WebInformation security managementKnowledge basebusiness.industryProcess (engineering)Computer scienceInformation sharingControl (management)Information securitybusinessSecurity controlsInformation security management system
researchProduct

ITIL Implementation: The Role of ITIL Software and Project Quality

2012

This research will investigate the implementation status of the Information Technology Infrastructure Library (ITIL) reference processes and the influence of ITIL software quality and ITIL project quality on implementation status. The paper analyzes data from a survey of 160 Nordic companies.

business.industryComputer sciencemedia_common.quotation_subjectIT portfolio managementCapacity managementSoftware qualityInformation Technology Infrastructure LibraryEngineering managementSoftwareITIL security managementFinancial management for IT servicesQuality (business)businessmedia_common2012 23rd International Workshop on Database and Expert Systems Applications
researchProduct

Security of information in IT systems

2005

The aim of the paper is to increase human awareness of the dangers connected with social engineering methods of obtaining information. The article demonstrates psychological and sociological methods of influencing people used in the attacks on IT systems. Little known techniques are presented about one of the greater threats that is electromagnetic emission or corona effect. Moreover, the work shows methods of protecting against this type of dangers. Also, in the paper one can find information on devices made according to the TEMPEST technology. The article not only discusses the methods of gathering information, but also instructs how to protect against its out-of-control loss.

business.industrySocial engineering (security)Telecommunication securityInformation technologyEavesdroppingElectromagnetic emissionComputer securitycomputer.software_genreInformation protection policyInformation security managementSociologyTempestbusinesscomputerSPIE Proceedings
researchProduct

Analysis of information risk management methods

2014

Zudin, Rodion Analysis of information risk management methods Jyväskylä: University of Jyväskylä, 2014, 33 p. Information Systems, Bachelor’s Thesis Supervisor: Siponen, Mikko A brief overview in the information risk management field is done in this study by introducing the shared terminology and methodology of the field using literature overview in the first chapter. Second chapter consists of examining and comparing two information risk management methodologies proposed by two different guides: Risk Management Guide for Information Technology Systems by National Institute of Standards and Technology and The Security Risk Management Guide by Microsoft. By finding common factors and methods…

information security managementrisk assessmentrisk mitigation
researchProduct