Title :
Application of COBIT to Security Management in Information Systems Development
Author :
Morimoto, Shoichi
Author_Institution :
Sch. of Bus. Adm., Senshu Univ., Kawasaki, Japan
Abstract :
COBIT is a collection of good practices and processes for IT governance. It provides the effective measures, indicators and activities for enterprise. COBIT has also been applied to the other governance, e. g., software process, security governance, IT service management. However, since COBIT is too general-purpose, it requires deep expert knowledge for the implementation of each application. Although the guideline of security management is also published, its contents are abstract. Therefore, we examined the contents of COBIT and defined a framework which specializes in security engineering from the guideline. This paper presents the framework and its application to information systems development. The framework effectively utilizes the COBIT-based security management and solves various subjects of security in the development.
Keywords :
information systems; security of data; software development management; COBIT; Control Objectives for Information and related Technology; IT governance; IT service management; enterprise; expert knowledge; information systems development; security governance; security management; software process; Application software; Content management; Guidelines; IEC standards; ISO standards; Information management; Information security; Management information systems; Portfolios; Project management;
Conference_Titel :
Frontier of Computer Science and Technology, 2009. FCST '09. Fourth International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-0-7695-3932-4
Electronic_ISBN :
978-1-4244-5467-9
DOI :
10.1109/FCST.2009.38
