Assessing the level of security of an organization by analyzing the enterprise architecture : a methodology

Koenen, S.K. (2015) Assessing the level of security of an organization by analyzing the enterprise architecture : a methodology.

[img]
Preview
PDF
9MB
Abstract:Even the smallest of organizations make use of IT to perform their tasks. As businesses and IT are linked increasingly closer together, business security and IT security should be observed as one. This research sees Enterprise Architecture (EA) as a vehicle for integrating security into the organizational design. Most initiatives looking into the integration of EA and security, look into the process of integrated development. They, however, do not provide any insight in the quality of the resulting architecture in terms of security. This research proposes a guideline for the assessment of the level of information security of an organization by analyzing its enterprise architecture. This research proposes a framework and a methodology for performing the described analysis. The framework indicates which Enterprise Architecture documentation is needed for the suggested assessment and which requirements Information Security imposes on an organization. For each of these requirements, it is determined which artifacts contribute to the fulfillment of the requirement and how it should do this. On top of the framework, a five step methodology is defined for performing analysis on the enterprise architecture documentation. Based on a triple case demonstration and evaluation, the methodology is tested and evaluated.
Item Type:Essay (Master)
Clients:
Deloitte Consulting, Amsterdam, Netherlands
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science, 85 business administration, organizational science
Programme:Business Information Technology MSc (60025)
Link to this item:http://purl.utwente.nl/essays/66920
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page