A framework for outsourcing IS/IT security services
M Karyda, E Mitrou, G Quirchmayr - Information Management & …, 2006 - emerald.com
M Karyda, E Mitrou, G Quirchmayr
Information Management & Computer Security, 2006•emerald.comPurpose–This paper seeks to provide an overview of the major technical, organizational and
legal issues pertaining to the outsourcing of IS/IT security services. Design/methodology/
approach–The paper uses a combined socio‐technical approach to explore the different
aspects of IS/IT security outsourcing and suggests a framework for accommodating security
and privacy requirements that arise in outsourcing arrangements. Findings–Data protection
requirements are a decisive factor for IS/IT security outsourcing, not only because they pose …
legal issues pertaining to the outsourcing of IS/IT security services. Design/methodology/
approach–The paper uses a combined socio‐technical approach to explore the different
aspects of IS/IT security outsourcing and suggests a framework for accommodating security
and privacy requirements that arise in outsourcing arrangements. Findings–Data protection
requirements are a decisive factor for IS/IT security outsourcing, not only because they pose …
Purpose
–
This paper seeks to provide an overview of the major technical, organizational and legal issues pertaining to the outsourcing of IS/IT security services.
Design/methodology/approach
–
The paper uses a combined socio‐technical approach to explore the different aspects of IS/IT security outsourcing and suggests a framework for accommodating security and privacy requirements that arise in outsourcing arrangements.
Findings
–
Data protection requirements are a decisive factor for IS/IT security outsourcing, not only because they pose restrictions to management, but also because security and privacy concerns are commonly cited among the most important concerns prohibiting organizations from IS/IT outsourcing. New emerging trends such as outsourcing in third countries, pose significant new issues, with regard to meeting data protection requirements.
Originality/value
–
The paper illustrates the reasons for which the outsourcing of IS/IT security needs to be examined under a different perspective from traditional IS/IT outsourcing. It focuses on the specific issue of personal data protection requirements that must be accommodated, according to the European Union directive.
Emerald Insight以上显示的是最相近的搜索结果。 查看全部搜索结果