Abstract
Over the past few decades many different Information Technologies (IT) policies have been introduced, including COSO, ITIL, PMBook, CMM, ISO 2700x, Six Sigma, being COBIT IT (Control Objectives for IT) the framework that encompasses all IT and Information Systems (IS) governance activities at the organization’s level. As part of the applicability of quality services certification (ISO 9001) in all IT services of a public institution, it is presented a case study aimed at planning, managing and monitoring technological security infrastructures. It followed the guidelines for the ISO 2700x family, COBIT, ITIL and other standards and conducted a survey to complement the IT process’s objectives. With regard to an action-research methodology for problem-solving (i.e., a kind of attempt to improve or investigate practice) and according to the issue under analyze, the question is put into the terms, viz. “How can the ISO 2700x, COBIT, ITIL and other guidelines help with the planning, management and monitoring of technological security infrastructures and minimize the risk management of IT and IS?”. Indeed, it may be resolved that it is possible to achieve the goals of planning, managing and monitoring a technological security infrastructure. In the future, we will use Artificial Intelligence based approaches to problem solving such as Artificial Neural Networks and Cased Based Reasoning, to evaluate this issue.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
ISO – International Organization for Standardization. https://www.iso.org/standards.html. Accessed 15 Feb 2018
ISACA – The Official Site of Information Systems Audit and Control Association. https://www.isaca.org/pages/default.aspx. Accessed 18 Feb 2018
Agrawal, V.: A framework for the information classification in ISO 27005 Standard. In: Qiu, M. (ed.) Proceedings of the 4th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud 2017), pp. 264–269. IEEE Edition (2017)
Gonzalez-Granadillo, G., Dubus, S., Motzekc, A., Garcia-Alfaro, J., Alvarez, E., Merialdo, M., Papillon, S., Debar, H.: Dynamic risk management response system to handle cyber threats. Future Gener. Comput. Syst. 83, 535–552 (2017)
Wangen, G.: Information security risk assessment: a method comparison. Computer 50(4), 52–61 (2017)
Deloach, J., Temple, N.: Enterprise-Wide Risk Management: Strategies for Linking Risk and Opportunity. Prentice Hall, London (2000)
Cayirci, E., Garaga, A., Oliveira, A.S., Roudier, Y.: A risk assessment model for selecting cloud service providers. J. Cloud Comput. Adv. Syst. Appl. 5(14), 12 (2016)
Olesen, K., Myers, D.: Trying to improve communication and collaboration with information technology: an action research project which failed. Inf. Technol. People 12(4), 317–332 (1999)
Ribeiro, J., Gomes, R.: Information system to support quality management systems: a case study in a Portuguese high educational institution. In: Proceedings of the 4th Mediterranean Conference on Information Systems (MCIS 2009), paper 2 (2009)
Ramos, J., Oliveira, T., Satoh, K., Neves, J., Novais, P.: An orientation method with prediction and anticipation features. Artif. Intell. 20(59), 82–95 (2017)
Neves, J., Fernandes, A., Gomes, G., Neves, M., Abelha, A., Vicente, H.: International Standard ISO 9001 – a soft computing view. In: Hammoudi, S., Maciaszek, L., Teniente, E., Camp, O., Cordeiro, J. (eds.) Enterprise Information Systems. Lecture Notes in Business Information Processing, vol. 241, pp. 153–167. Springer, Cham (2015)
Fernandes, B., Freitas, M., Analide, C., Vicente, H., Neves, J.: Handling default data under a case-based reasoning approach. In: Proceedings of the 7th International Conference on Agents and Artificial Intelligence (ICAART 2015), vol. II, pp. 294–304. Scitepress, Lisbon (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Ribeiro, J., Alves, V., Vicente, H., Neves, J. (2019). Planning, Managing and Monitoring Technological Security Infrastructures. In: Machado, J., Soares, F., Veiga, G. (eds) Innovation, Engineering and Entrepreneurship. HELIX 2018. Lecture Notes in Electrical Engineering, vol 505. Springer, Cham. https://doi.org/10.1007/978-3-319-91334-6_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-91334-6_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-91333-9
Online ISBN: 978-3-319-91334-6
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)