DocumentCode
3208433
Title
Application of COBIT to Security Management in Information Systems Development
Author
Morimoto, Shoichi
Author_Institution
Sch. of Bus. Adm., Senshu Univ., Kawasaki, Japan
fYear
2009
fDate
17-19 Dec. 2009
Firstpage
625
Lastpage
630
Abstract
COBIT is a collection of good practices and processes for IT governance. It provides the effective measures, indicators and activities for enterprise. COBIT has also been applied to the other governance, e. g., software process, security governance, IT service management. However, since COBIT is too general-purpose, it requires deep expert knowledge for the implementation of each application. Although the guideline of security management is also published, its contents are abstract. Therefore, we examined the contents of COBIT and defined a framework which specializes in security engineering from the guideline. This paper presents the framework and its application to information systems development. The framework effectively utilizes the COBIT-based security management and solves various subjects of security in the development.
Keywords
information systems; security of data; software development management; COBIT; Control Objectives for Information and related Technology; IT governance; IT service management; enterprise; expert knowledge; information systems development; security governance; security management; software process; Application software; Content management; Guidelines; IEC standards; ISO standards; Information management; Information security; Management information systems; Portfolios; Project management;
fLanguage
English
Publisher
ieee
Conference_Titel
Frontier of Computer Science and Technology, 2009. FCST '09. Fourth International Conference on
Conference_Location
Shanghai
Print_ISBN
978-0-7695-3932-4
Electronic_ISBN
978-1-4244-5467-9
Type
conf
DOI
10.1109/FCST.2009.38
Filename
5392853
Link To Document