
Service-oriented Event Assessment - Closing the Gap of Compliance Management

F. Majer, M. Nussbaumer, D. Riexinger, V. Simon
Exploiting the architectural paradigm of service oriented architecture (SOA), the concept establishes an integrated view of complex relationships and supports immediate reactions on suspicious events in  ...  Data from various sources combined with business process contexts establish a sound basis for the assessment of a privileged access.  ...  Service-oriented Event Assessment - Closing the Gap of Compliance Management. Proceedings of INFORMATIK 2009 - Im Focus das Leben, 39.  ... 
doi:10.5445/ir/1000014895 fatcat:dr2o6gk5znbitni2g2enmggzme


Gabriela Gheorghe, Fabio Massacci, Stephan Neuhaus, Alexander Pretschner
2009 Proceedings of the first ACM workshop on Information security governance - WISG '09  
Advanced methodologies for compliance such as CobiT identify a number of maturity levels that must be reached: first the existence of an infrastructure for the enforcement of security controls; second,  ...  As an instance of the highest level of governance and compliance, we suggest a method of goal correlation that provides measurable indicators of security and compliance by systematically refining business  ...  We contribute to closing this gap with a maturity model and the concrete elements needed to achieve the higher levels of maturity.  ... 
doi:10.1145/1655168.1655175 fatcat:y37suiq5bvhzxhzxtsfgnkqcou

IT Governance

Christof Ebert, Aurora Vizcaino, Antonio Manjavacas
2020 IEEE Software  
Acknowledgment The work of A. Vizcaino and A.  ...  Manjavacas has been funded by the G3SOFT project (Consejería de Educación de la Junta de Comunidades de Castilla La Mancha) and BIZDEVOPS-GLOBAL project (Ministerio de Ciencia).  ...  self-service portal as well as REST and SOAP web services Resolver: IT risk and compliance management software • Improved IT risk and compliance management through centralization of threats and vulnerabilities  ... 
doi:10.1109/ms.2020.3016099 fatcat:swqq6pgsefblbl3yg4ruex7dry

Trust and Compliance Management Models in Emerging Outsourcing Environments [chapter]

Aljosa Pasic, Juan Bareño, Beatriz Gallego-Nicasio, Rubén Torres, Daniel Fernandez
2010 IFIP Advances in Information and Communication Technology  
As the future internet of services evolves towards dynamic "service marketplaces", where shared services are discovered, negotiated and choreographed at run-time, the new approaches to the compliance management  ...  This paper describes the compliance management models in emerging outsourcing environments that include use of shared services such as cloud computing services.  ...  All of these might be requested to provide events or evidences to the TP services such as assessment services (AS) or external auditors.  ... 
doi:10.1007/978-3-642-16283-1_27 fatcat:nfxix4o23zhkjlwrop7ltgos5e

Analysis of recommended cloud security controls to validate OpenPMF "policy as a service"

Ulrich Lang, Rudolf Schreiner
2011 Information Security Technical Report  
As part of the project, the authors first identified security concerns related to cloud computing, and gaps in cloud-related standards/regulations.  ...  Security Policy Authorization management Access policy Compliance Model-driven security Accreditation Audit policy Application security XACML OpenPMF NIST 800-53 NIST 800-147 NIST IR 7628 PCI-DSS HIPAA  ...  Acknowledgments The project described in this paper was part funded by the UK Technology Strategy Board as part of the Feasibility Studies for Digital Services micro-SME call.  ... 
doi:10.1016/j.istr.2011.08.001 fatcat:5vzc57d4pjhc7lyrrsqjcbfkyu

Improving Cyber Security of Internet Web Gateway using NIST Framework

Azzam Fahmy
2019 Journal of Applied Information, Communication and Technology  
And future outcomes of the replacement of Internet web gateway shall address the current and future profile and managed security program based on risk evaluation.  ...  The framework will help Company to identify, assess and manage cyber security risk in regards with replacing the old Web Gateway.  ...  The cyber security program consists of Scope, orientations, creating current profile, conducting risk assessment, target profile and determine, analyze and prioritize Gaps.  ... 
doi:10.33555/ejaict.v6i1.63 fatcat:2jhzanjkfjaxflvofon5zzxara

On-Demand Dynamic Security for Risk-Based Secure Collaboration in Clouds

S. Bertram, M. Boniface, M. Surridge, N. Briscombe, M. Hall-May
2010 2010 IEEE 3rd International Conference on Cloud Computing  
throughout the lifecycle of a service-oriented application deployed within the cloud.  ...  The platform addresses the need to model security requirements, dynamically provision and configure security services and link operational security events to vulnerabilities and impact assessments at the  ...  The SOI brings together data management, process management and trust management to allow business decision makers to plan service networks, to assess explicitly the consequences of security decisions  ... 
doi:10.1109/cloud.2010.83 dblp:conf/IEEEcloud/BertramBSBH10 fatcat:qc2iio5vkzeebepi5ilok3gyki

Measuring Quality Satisfaction with Servqual Model

Pauna Dan
2011 Social Science Research Network  
The following paper tries to deal with the important qualities of the concept for the measuring of the gap between expected customer services satisfactions, and perceived services like a routine customer  ...  The orientation to customer satisfaction is not a recent phenomenon, many very successful businesspeople from the beginning of the 20th century, such as Sir Henry Royce, a name synonymous with Rolls-Royce  ...  We can talk about quality when the service is in compliance with customers' expectations or it exceeds them.  ... 
doi:10.2139/ssrn.2263867 fatcat:dkvwyvx63zhdbatatk2lhxedlm

Conceptualizing the Role of IS Security Compliance in Projects of Digital Transformation: Tensions and Shifts Between Prevention and Response Modes

Hassan Raza, Joao Baptista, Panos Constantinides
2019 International Conference on Information Systems  
We conduct a participatory observation study of the implementation of Robotic Process Automation (RPA) in a financial services organization.  ...  We examine the shift from prevention to response in this project and identify generative drivers of digital transformation, and drivers of IS security compliance.  ...  This required Autofin's management team to create a new IT organization that would service the needs of the business.  ... 
dblp:conf/icis/RazaBC19 fatcat:kxqspww6ijhd7jx2gtq2qg67zq

IS/IT Risk Management in Banking Industry

Vlasta Svatá, Martin Fleischmann
2011 Acta Oeconomica Pragensia  
Basel II is the main framework covering the area of operational risk management, therefore the paper focuses on the assessment of the impact and integration of the Basel II framework with IS/IT risk management  ...  The relationship and common and different features between IS/IT risk management and operational risk management are discussed on the basis of a short introduction to the specifics of risk management in  ...  risk management, depth of IT coverage, risk vs. control-focused orientation, and compliance with the regulation.  ... 
doi:10.18267/j.aop.334 fatcat:an22ympj5zhdre77xxtbi6joue

Joint External Evaluation—Development and Scale-Up of Global Multisectoral Health Capacity Evaluation Process

Elizabeth Bell, Jordan W. Tappero, Kashef Ijaz, Maureen Bartee, Jose Fernandez, Hannah Burris, Karen Sliter, Simo Nikkari, Stella Chungong, Guenael Rodier, Hamid Jafari
2017 Emerging Infectious Diseases  
support received by the Secretariat from the US Department of Health and Human Services, CDC, the US Department of Agriculture, the Bill and Melinda Gates Foundation, FAO, OIE, and the Governments of  ...  Acknowledgments We acknowledge the leadership of WHO in setting up a JEE Secretariat to coordinate the JEEs that have been completed and/or scheduled across all 6 WHO regions; recognize the guidance and  ...  It is intended to monitor and map all contributions (e.g., financial, technical, in-kind, and in-service) from donors and partners to facilitate alignment of in-country efforts to address gaps and priorities  ... 
doi:10.3201/eid2313.170949 pmid:29155678 pmcid:PMC5711324 fatcat:rfh7ulr4ojhsdpjqx4gwoix23i

Policy Chain for Securing Service Oriented Architectures [chapter]

Wihem Arsac, Annett Laube, Henrik Plate
2013 Lecture Notes in Computer Science  
The deficiencies of current processes and tools force these service providers to trade off profitability against security and compliance.  ...  and prove compliance with security requirements stemming from internal needs, 3rd party demands and international regulations and (2) to manage requirements, policies and security configuration in a cost-efficient  ...  The concepts described stem from joint efforts of all project partners.  ... 
doi:10.1007/978-3-642-35890-6_22 fatcat:f42n57wukbajjppru65jeol2ae

Supporting Customs Controls by Means of Service-Oriented Auditing [chapter]

Hans Weigand, Faiza Allah Bukhsh
2011 IFIP Advances in Information and Communication Technology  
The research objective of this paper is to explore the potential of SOA for innovating Customs processes by developing a service-oriented auditing approach and evaluating its added-value in the area of  ...  Service-oriented auditing is a promising tool to implement the ideals of continuous and online monitoring  ...  Acknowledgements This research is supported partially by the DINALOG project Extended Single Window (  ... 
doi:10.1007/978-3-642-27260-8_3 fatcat:2z6o5kdzcbfarc3n67zazchuci

Ten Principles for Living Models - A Manifesto of Change-Driven Software Engineering

Ruth Breu
2010 2010 International Conference on Complex, Intelligent and Software Intensive Systems  
In particular, the management of service oriented systems requires the integration of perspectives from IT management, software engineering and systems operation and a systematic way to handle changes.  ...  In this paper we will present the core ideas of Living Models - a novel paradigm of model-based development, management and operation of evolving service oriented systems.  ...  This comprises responsibility for the recognition and evaluation of IT related risks and the compliance of the IT services.  ... 
doi:10.1109/cisis.2010.73 dblp:conf/cisis/Breu10 fatcat:lazvx6x4gfdt5linm5maiu72du

Governance, Risk, and Compliance in Cloud Scenarios

Knud Brandis, Srdan Dzombeta, Ricardo Colomo-Palacios, Vladimir Stantchev
2019 Applied Sciences  
compliance management.  ...  Cloud computing is changing the way organizations approach technology and its infrastructure. However, in spite of its attractiveness, cloud computing can be seen as a threat in terms of compliance.  ...  Acknowledgments: Authors would like to thank subjects for the contributions provided. Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/app9020320 fatcat:urjokgaoincqvhqadgoqkf7xee