Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector

Detalhes bibliográficos
Autor(a) principal: Knorst, André Marcelo
Data de Publicação: 2011
Outros Autores: Vanti, Adolfo Alberto, Andrade, Rafael Alejandro Espín, Johann, Silvio Luiz
Tipo de documento: Artigo
Idioma: eng
Título da fonte: Journal of Information Systems and Technology Management (Online)
Texto Completo: https://www.revistas.usp.br/jistem/article/view/12906
Resumo: This paper develops the strategic alignment of organizational behavior through the organizations´ image, prioritization and information security practices. To this end, information security is studied based on the business requirements of confidentiality, integrity and availability by applying a tool which integrates the strategic, tactical and operational vision through the following framework: Balanced Scorecard - BSC (strategic) x Control Objectives for Information and Related Technology - COBIT (tactical) x International Organization for Standardization - ISO/International Electro Technical Commission - IEC27002 (operational). Another image instrument of the organization is applied in parallel with this analysis to identify and analyze performance involving profiles related to mechanistic, psychic prisons, political systems, instruments of domination, organisms, cybernetics, flux and transformation (MORGAN, 1996). Finally, a model of strategic prioritization, based on compensatory fuzzy logic (ESPIN and VANTI, 2005), is applied. The method was applied to an industrial company located in southern Brazil. The results with the application show two organizational images: "organism" and "flux and transformation ". The strategic priorities indicated a significant search for new business services and international markets. Regarding protection of information, security found the gap between "minimum" and "Reasonable" and in domain 8 (HR) of standard ISO/IEC27002, considered 71% protection as "inappropriate" and "minimal" in the IT Governance context.
id USP-33_5b27aea7c345cb78067d0a74e2f3cb93
oai_identifier_str oai:revistas.usp.br:article/12906
network_acronym_str USP-33
network_name_str Journal of Information Systems and Technology Management (Online)
repository_id_str
spelling Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector securityinformationorganizational cultureimagescompensatory fuzzy logic This paper develops the strategic alignment of organizational behavior through the organizations´ image, prioritization and information security practices. To this end, information security is studied based on the business requirements of confidentiality, integrity and availability by applying a tool which integrates the strategic, tactical and operational vision through the following framework: Balanced Scorecard - BSC (strategic) x Control Objectives for Information and Related Technology - COBIT (tactical) x International Organization for Standardization - ISO/International Electro Technical Commission - IEC27002 (operational). Another image instrument of the organization is applied in parallel with this analysis to identify and analyze performance involving profiles related to mechanistic, psychic prisons, political systems, instruments of domination, organisms, cybernetics, flux and transformation (MORGAN, 1996). Finally, a model of strategic prioritization, based on compensatory fuzzy logic (ESPIN and VANTI, 2005), is applied. The method was applied to an industrial company located in southern Brazil. The results with the application show two organizational images: "organism" and "flux and transformation ". The strategic priorities indicated a significant search for new business services and international markets. Regarding protection of information, security found the gap between "minimum" and "Reasonable" and in domain 8 (HR) of standard ISO/IEC27002, considered 71% protection as "inappropriate" and "minimal" in the IT Governance context. TECSI - FEA - Universidade de São Paulo. Faculdade de Economia, Administração, Contabilidade e Atuária2011-12-01info:eu-repo/semantics/articleinfo:eu-repo/semantics/publishedVersionapplication/pdfhttps://www.revistas.usp.br/jistem/article/view/1290610.4301/S1807-17752011000300003Journal of Information Systems and Technology Management; v. 8 n. 3 (2011); 555-580Journal of Information Systems and Technology Management; Vol. 8 No. 3 (2011); 555-580Journal of Information Systems and Technology Management; Vol. 8 Núm. 3 (2011); 555-5801807-1775reponame:Journal of Information Systems and Technology Management (Online)instname:Universidade de São Paulo (USP)instacron:USPenghttps://www.revistas.usp.br/jistem/article/view/12906/14697Copyright (c) 2018 JISTEM - Journal of Information Systems and Technology Management (Online)info:eu-repo/semantics/openAccessKnorst, André MarceloVanti, Adolfo AlbertoAndrade, Rafael Alejandro EspínJohann, Silvio Luiz2014-05-18T13:30:02Zoai:revistas.usp.br:article/12906Revistahttp://www.scielo.br/scielo.php?script=sci_serial&pid=1807-1775&lng=pt&nrm=isoPUBhttps://old.scielo.br/oai/scielo-oai.php||jistem@usp.br1807-17751807-1775opendoar:2014-05-18T13:30:02Journal of Information Systems and Technology Management (Online) - Universidade de São Paulo (USP)false
dc.title.none.fl_str_mv Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector
title Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector
spellingShingle Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector
Knorst, André Marcelo
security
information
organizational culture
images
compensatory fuzzy logic
title_short Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector
title_full Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector
title_fullStr Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector
title_full_unstemmed Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector
title_sort Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector
author Knorst, André Marcelo
author_facet Knorst, André Marcelo
Vanti, Adolfo Alberto
Andrade, Rafael Alejandro Espín
Johann, Silvio Luiz
author_role author
author2 Vanti, Adolfo Alberto
Andrade, Rafael Alejandro Espín
Johann, Silvio Luiz
author2_role author
author
author
dc.contributor.author.fl_str_mv Knorst, André Marcelo
Vanti, Adolfo Alberto
Andrade, Rafael Alejandro Espín
Johann, Silvio Luiz
dc.subject.por.fl_str_mv security
information
organizational culture
images
compensatory fuzzy logic
topic security
information
organizational culture
images
compensatory fuzzy logic
description This paper develops the strategic alignment of organizational behavior through the organizations´ image, prioritization and information security practices. To this end, information security is studied based on the business requirements of confidentiality, integrity and availability by applying a tool which integrates the strategic, tactical and operational vision through the following framework: Balanced Scorecard - BSC (strategic) x Control Objectives for Information and Related Technology - COBIT (tactical) x International Organization for Standardization - ISO/International Electro Technical Commission - IEC27002 (operational). Another image instrument of the organization is applied in parallel with this analysis to identify and analyze performance involving profiles related to mechanistic, psychic prisons, political systems, instruments of domination, organisms, cybernetics, flux and transformation (MORGAN, 1996). Finally, a model of strategic prioritization, based on compensatory fuzzy logic (ESPIN and VANTI, 2005), is applied. The method was applied to an industrial company located in southern Brazil. The results with the application show two organizational images: "organism" and "flux and transformation ". The strategic priorities indicated a significant search for new business services and international markets. Regarding protection of information, security found the gap between "minimum" and "Reasonable" and in domain 8 (HR) of standard ISO/IEC27002, considered 71% protection as "inappropriate" and "minimal" in the IT Governance context.
publishDate 2011
dc.date.none.fl_str_mv 2011-12-01
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
info:eu-repo/semantics/publishedVersion
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv https://www.revistas.usp.br/jistem/article/view/12906
10.4301/S1807-17752011000300003
url https://www.revistas.usp.br/jistem/article/view/12906
identifier_str_mv 10.4301/S1807-17752011000300003
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv https://www.revistas.usp.br/jistem/article/view/12906/14697
dc.rights.driver.fl_str_mv Copyright (c) 2018 JISTEM - Journal of Information Systems and Technology Management (Online)
info:eu-repo/semantics/openAccess
rights_invalid_str_mv Copyright (c) 2018 JISTEM - Journal of Information Systems and Technology Management (Online)
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv TECSI - FEA - Universidade de São Paulo. Faculdade de Economia, Administração, Contabilidade e Atuária
publisher.none.fl_str_mv TECSI - FEA - Universidade de São Paulo. Faculdade de Economia, Administração, Contabilidade e Atuária
dc.source.none.fl_str_mv Journal of Information Systems and Technology Management; v. 8 n. 3 (2011); 555-580
Journal of Information Systems and Technology Management; Vol. 8 No. 3 (2011); 555-580
Journal of Information Systems and Technology Management; Vol. 8 Núm. 3 (2011); 555-580
1807-1775
reponame:Journal of Information Systems and Technology Management (Online)
instname:Universidade de São Paulo (USP)
instacron:USP
instname_str Universidade de São Paulo (USP)
instacron_str USP
institution USP
reponame_str Journal of Information Systems and Technology Management (Online)
collection Journal of Information Systems and Technology Management (Online)
repository.name.fl_str_mv Journal of Information Systems and Technology Management (Online) - Universidade de São Paulo (USP)
repository.mail.fl_str_mv ||jistem@usp.br
_version_ 1809284036069163008

Registros relacionados