In recent years, the complexity and scale of governance, risk and compliance has grown significantly due to globalization and there is a need for institutions to consult multiple standards and frameworks to address a heterogeneous and highly regulated environment. Even with the advent of Governance Risk and Compliance (GRC) systems, there is a need to reduce redundancy and amount of work to the organization...
Organizations are extensively using Identity and Access Management (IAM) systems to manage and control the employees' identity and access privileges. An IAM system acts as a single trusted source of identity and access information. Securing and safeguarding of this sensitive information from malicious insiders and cyber assaults are essential for the successful operation of an organization. Accordingly,...
Personal Health Records (PHR) open new opportunities for enhancing delivery of standard health care services and health information to general population and supporting individuals to take more active role in health management and decision making processes. However, while utilization of PHR as part of a health management process brings much more flexibility, and advanced options to individuals, it...
Software assurance in software development process becomes an important part of ICT supply chains risk management, and also has been one of the most advanced information security technologies. Based on the researches of software assurance, this paper studies the development and current research of software security assurance in the background of software security being concerned by more and more people,...
Business process management (BPM) and accompanying systems allow organizations to react faster both to environmental and market changes. Therefore, BPM is widely applied in industry. Although organizations depend on the secure enactment of electronic business processes, existing BPM languages and techniques provide only little support for security. Several approaches have been proposed to close the...
The changing global business environment and continued introduction of new technologies are significantly affecting organizations' privacy practices. In this environment, privacy-enhancing technology (PET) often becomes a key to protecting personal information. A considerable amount of literature has discussed PET technologies and their benefits. However, the lack of clear organizational accountability...
Enabling cross-organizational cooperation in ubiquitous computing environments poses new security challenges that concern particularly the interoperability of security management systems and the security policies of each organization. In this paper, we present a semantic framework for cooperative security management processes design in a cross-organizational context. Our framework is based on a hybrid...
The construction project of coal mine is characterized by one-time, high cost, long duration, difficult construction, technical complexity and multitudinous project participants, whose risk events occur frequently in its construction. Therefore, the risk monitoring of construction project of coal mine is of theoretical significance and practical value. The risk control problems of coal mine construction...
In today's economy, collaborative computing grows in importance. Inter-organizational service-based processes are increasingly adopted by different companies when they cannot achieve goals on their own. As a result, conformance problems arise and it must be ensured that the integrity of processes execution remains guaranteed. In this paper, we propose new components, to be deployed along the boundaries...
The CERT® Resilience Management Model (CERT®-RMM) defines processes for managing operational resilience in complex, risk-evolving environments. The model encompasses and integrates activities from security, business continuity, and aspects of IT operations management. It provides a path for making operational resilience a repeatable, predictable, manageable, and improvable process over which an organization...
The business environment of most enterprises comprises fluid requirements, and emergent behaviour that cause continuous changes across the enterprises' business processes. Thus, Process Management Systems (PMSs) able to handle such changes become a necessity for businesses in order to effectively respond in this volatile environment. However, despite the plethora of available PMS, dynamic process...
It is hard for security practitioners and decision-makers to know what level of protection they are getting from their investments in security, especially when they have invested in a number of technologies and processes which interact and combine together. It is even harder to estimate how well these investments can be expected to protect their organizations in the future as security policies, regulations...
ITIL (IT infrastructure library) processes are implemented in the complex organization environment, and should be interactive with the organization systems from the viewpoint of security, knowledge, information, control and semantics. ITIL provides a framework of best practice guidance for IT service management based on process, and has grown to become the most widely accepted approach to IT service...
ITIL (IT Infrastructure Library) provides a framework of best practice guidance for IT service management based on process, and has grown to become the most widely accepted approach to IT service management in the world. ITIL processes are implemented so that they underpin the organization business, and play the core role in the framework. The paper presents ITIL process integration architecture in...
While many fields have well-defined research agendas, evolution of the field of digital forensics has been largely driven by practitioners in the field. As a result, the majority of the tools and practice have been developed in response to a diverse set of specific threats or scenarios, rather than as the result of a research and development plan. In June, 2008 a group of digital forensics researchers,...
This paper discusses the effects of Sarbanes-Oxley (SOX) Act on corporate information security governance practices. The resultant regulatory intervention forces a company to revisit its internal control structures and assess the nature and scope of its compliance with the law. This paper reviews the implications emerging from the mandatory compliance with Sarbanes-Oxley (SOX) Act. Issues related to...
The success of service-oriented architectures (SOAs) and the Web Service technology in fulfilling the business's needs for inter-enterprise processes led to new challenges for security management in federated environments. Because of the predominant aspect of loose coupling in a SOA the issue of where to locate the processes of authentication and authorization, forming together the access control,...
With an increased focus on national security and public safety communications, the US Congress revisited its plan to reclaim television broadcaster frequencies to be reallocated and auctioned by the FCC and it specifically allocated a portion of that spectrum for use by public safety. The FCC was charged with the duty of auctioning this spectrum and licensing it to create a public safety network....
Too often projects deliver software of which the quality is difficult to predict. Sometimes the project completion is delayed due to the continuous change of requirements while the software is still being built. The quality level must align with the company needs. It is extremely important that the planned benefits of an IT system are reached. When the benefits are not achieved it will cause much...
Compliance management (CM) is the management process that an organization implements to ensure organizational compliance with relevant requirements and expectations. Compliance auditing (CA) is a child-process of CM where compliance rules and policies are individually checked against the organization to determine the level of compliance achieved by the organization. In this paper, we arrange organizational...