Application of COBIT to Security Management in Information Systems Development

Bibliographic Details
Published in: 2009 Fourth International Conference on Frontier of Computer Science and Technology, pp. 625-630
Main Author: Morimoto, S.
Format: Conference Proceeding
Language: English
Published: IEEE 01.12.2009
ISBN: 0769539327, 9780769539324, 1424454662, 9781424454662
ISSN: 2159-6301
DOI: 10.1109/FCST.2009.38

Summary: COBIT is a collection of good practices and processes for IT governance. It provides the effective measures, indicators and activities for enterprise. COBIT has also been applied to the other governance, e.g., software process, security governance, IT service management. However, since COBIT is too general-purpose, it requires deep expert knowledge for the implementation of each application. Although the guideline of security management is also published, its contents are abstract. Therefore, we examined the contents of COBIT and defined a framework which specializes in security engineering from the guideline. This paper presents the framework and its application to information systems development. The framework effectively utilizes the COBIT-based security management and solves various subjects of security in the development.