Title :
Information security management systems and socio-technical walkthroughs
Author :
Loser, Kai-Uwe ; Nolte, Alexander ; Herrmann, Thomas ; Neues, Haiko Te
Author_Institution :
Inf. & Technol. Manage., Ruhr-Univ. Bochum, Bochum, Germany
Abstract :
Information Security Management is related to the design of socio-technical work processes. The development and reflection of this kind of processes can be supported with the field-tested method of the socio-technical walkthrough (STWT). Within a project of raising security standards for a university administration infrastructure, STWT was combined with common ISMS methodology. During this project we found indicators for improvement by employing the STWT: technical and organizational measures can be specified in a single effort; contingent relationships can be taken into account as well as vulnerability resulting from characteristics of social structures. Furthermore switching between different levels of abstraction, details and formalization is possible. STWT helps to develop artifacts which support a focused discussion as well as an appropriate documentation.
Keywords :
educational administrative data processing; information management; organisational aspects; security of data; social aspects of automation; field tested method; information security management systems; organizational measures; security standards; socio-technical walkthroughs; university administration infrastructure; Conferences; Educational institutions; Humans; Information security; Software; Information security management; Socio-technical systems; socio-technical modeling;
Conference_Titel :
Socio-Technical Aspects in Security and Trust (STAST), 2011 1st Workshop on
Conference_Location :
Milan
Print_ISBN :
978-1-4577-1182-4
DOI :
10.1109/STAST.2011.6059255
