Title :
Quality Matters: Systematizing Quality Deficiencies in the Documentation of Business Security Requirements
Author :
Sillaber, Christian ; Breu, Ruth
Author_Institution :
Quality Enginnering Res. Group, Univ. of Innsbruck, Innsbruck, Austria
Abstract :
The ever increasing need for businesses to ensure compliance with various laws and regulations as well as internal and external policies increasingly requires businesses to manage a plethora of documentation on different business security requirements. However, business security requirement documentation often suffers from quality deficiencies and faults due to negligence, inconsistencies, conflicts or unclear responsibilities in globally distributed businesses. A key factor to successfully address these deficiencies and to support continuous quality improvement of business security requirements documentation is to know exactly what faults to look for in a structured manner. Based on a think-aloud study, we identify and categorize specific quality deficiencies that can be found in the documentation of business security requirements and classify the faults that might cause them. We conclude by proposing a taxonomy that covers the specification, interaction, and life-cycle faults that are at the root of observable failures in the documentation of business security requirements.
Keywords :
business data processing; formal specification; security of data; system documentation; business security requirement documentation; continuous quality improvement; fault classifocation; interaction faults; life-cycle faults; quality deficiencies; specification faults; taxonomy; think-aloud study; Documentation; Interviews; Organizations; Q-factor; Security; Standards organizations; business security requirements; fault taxonomy; quality deficiencies;
Conference_Titel :
Availability, Reliability and Security (ARES), 2014 Ninth International Conference on
Conference_Location :
Fribourg
DOI :
10.1109/ARES.2014.40
