Method Framework for Developing Enterprise Architecture Security Principles
Organizations need to consider many facets of information security in their daily operations – among others, the rapidly increasing use of IT, emerging technologies and digitalization of organizations’ core resources provoke new threats that can be difficult to anticipate. It has been argued that th...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Riga Technical University Press
2019-10-01
|
| Series: | Complex Systems Informatics and Modeling Quarterly |
| Subjects: | |
| Online Access: | https://csimq-journals.rtu.lv/article/view/3125 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832542939186724864 |
|---|---|
| author | Sara Larno Ville Seppänen Jarkko Nurmi |
| author_facet | Sara Larno Ville Seppänen Jarkko Nurmi |
| author_sort | Sara Larno |
| collection | DOAJ |
| description | Organizations need to consider many facets of information security in their daily operations – among others, the rapidly increasing use of IT, emerging technologies and digitalization of organizations’ core resources provoke new threats that can be difficult to anticipate. It has been argued that the security and privacy considerations should be embedded in all the areas of organizational activities instead of only relying technical security mechanisms provided by the underlying systems and software. Enterprise Architecture Management (EAM) offers a holistic approach for managing different dimensions of an organization, and can be conceived as a coherent and consistent set of principles that guide how the enterprise must be designed. This article contributes with a method framework for integrating information security with EAM, aimed at providing support for the decision-making related to formulating context-aware EA security principles. The presented method framework is a result of a constructive research based on both the theoretical body of knowledge and the empirical evidence, obtained by interviewing 35 Finnish EA and information security practitioners. |
| format | Article |
| id | doaj-art-0b264e3ce5ee4fc4a3fc4a2700db1eb5 |
| institution | Kabale University |
| issn | 2255-9922 |
| language | English |
| publishDate | 2019-10-01 |
| publisher | Riga Technical University Press |
| record_format | Article |
| series | Complex Systems Informatics and Modeling Quarterly |
| spelling | doaj-art-0b264e3ce5ee4fc4a3fc4a2700db1eb52025-02-03T12:03:20ZengRiga Technical University PressComplex Systems Informatics and Modeling Quarterly2255-99222019-10-01020577110.7250/csimq.2019-20.031688Method Framework for Developing Enterprise Architecture Security PrinciplesSara Larno0Ville Seppänen1Jarkko Nurmi2Faculty of Information Technology, University of Jyvaskyla, Mattilanniemi 2, Jyväskylä, FI-40014Faculty of Information Technology, University of Jyvaskyla, Mattilanniemi 2, Jyväskylä, FI-40014Faculty of Information Technology, University of Jyvaskyla, Mattilanniemi 2, Jyväskylä, FI-40014Organizations need to consider many facets of information security in their daily operations – among others, the rapidly increasing use of IT, emerging technologies and digitalization of organizations’ core resources provoke new threats that can be difficult to anticipate. It has been argued that the security and privacy considerations should be embedded in all the areas of organizational activities instead of only relying technical security mechanisms provided by the underlying systems and software. Enterprise Architecture Management (EAM) offers a holistic approach for managing different dimensions of an organization, and can be conceived as a coherent and consistent set of principles that guide how the enterprise must be designed. This article contributes with a method framework for integrating information security with EAM, aimed at providing support for the decision-making related to formulating context-aware EA security principles. The presented method framework is a result of a constructive research based on both the theoretical body of knowledge and the empirical evidence, obtained by interviewing 35 Finnish EA and information security practitioners.https://csimq-journals.rtu.lv/article/view/3125enterprise architecture managemententerprise architecture principleinformation securityinformation security policymethod frameworkconstructive research |
| spellingShingle | Sara Larno Ville Seppänen Jarkko Nurmi Method Framework for Developing Enterprise Architecture Security Principles Complex Systems Informatics and Modeling Quarterly enterprise architecture management enterprise architecture principle information security information security policy method framework constructive research |
| title | Method Framework for Developing Enterprise Architecture Security Principles |
| title_full | Method Framework for Developing Enterprise Architecture Security Principles |
| title_fullStr | Method Framework for Developing Enterprise Architecture Security Principles |
| title_full_unstemmed | Method Framework for Developing Enterprise Architecture Security Principles |
| title_short | Method Framework for Developing Enterprise Architecture Security Principles |
| title_sort | method framework for developing enterprise architecture security principles |
| topic | enterprise architecture management enterprise architecture principle information security information security policy method framework constructive research |
| url | https://csimq-journals.rtu.lv/article/view/3125 |
| work_keys_str_mv | AT saralarno methodframeworkfordevelopingenterprisearchitecturesecurityprinciples AT villeseppanen methodframeworkfordevelopingenterprisearchitecturesecurityprinciples AT jarkkonurmi methodframeworkfordevelopingenterprisearchitecturesecurityprinciples |