Portal de Periódicos da CAPES

Information Management for Holistic, Collaborative Information Security Management

2012; Springer Science+Business Media; Linguagem: Inglês

10.1007/978-1-4614-3558-7_17

1876-1119

Margareth Stoll, Michael Felderer, Ruth Breu,

Network Security and Intrusion Detection

The importance of information, asset and technology as key differentiator for modern organizations is increasingly recognized. More than 6,600 organizations worldwide are implementing an information security management system (ISMS) in accordance to ISO/IEC 27001. An optimal information management is a critical success factor for the effectiveness, performance and sustainability of ISMS. Information security (IS) has been considered as technical job for a long time. In the last years IS research has developed further an IS governance and people oriented direction. Additionally, different best practices such as control objectives for information and related technology (COBIT) and the information technology infrastructure library (ITIL) have been published. In accordance to the IS approaches the information management for ISMS was studied either only from a technical perspective or a measurement perspective. In this paper we integrate all perspectives by defining a holistic, generic IS management taxonomy. To establish this taxonomy we start from a collaborative ISM framework that considers the different IS research approaches and best practices. Based on our novel IS management taxonomy we define the requirements for information system integration and information processing for a holistic, collaborative IS management.