Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector
Autor(a) principal: | |
---|---|
Data de Publicação: | 2011 |
Outros Autores: | , , |
Tipo de documento: | Artigo |
Idioma: | eng |
Título da fonte: | Journal of Information Systems and Technology Management (Online) |
Texto Completo: | https://www.revistas.usp.br/jistem/article/view/12906 |
Resumo: | This paper develops the strategic alignment of organizational behavior through the organizations´ image, prioritization and information security practices. To this end, information security is studied based on the business requirements of confidentiality, integrity and availability by applying a tool which integrates the strategic, tactical and operational vision through the following framework: Balanced Scorecard - BSC (strategic) x Control Objectives for Information and Related Technology - COBIT (tactical) x International Organization for Standardization - ISO/International Electro Technical Commission - IEC27002 (operational). Another image instrument of the organization is applied in parallel with this analysis to identify and analyze performance involving profiles related to mechanistic, psychic prisons, political systems, instruments of domination, organisms, cybernetics, flux and transformation (MORGAN, 1996). Finally, a model of strategic prioritization, based on compensatory fuzzy logic (ESPIN and VANTI, 2005), is applied. The method was applied to an industrial company located in southern Brazil. The results with the application show two organizational images: "organism" and "flux and transformation ". The strategic priorities indicated a significant search for new business services and international markets. Regarding protection of information, security found the gap between "minimum" and "Reasonable" and in domain 8 (HR) of standard ISO/IEC27002, considered 71% protection as "inappropriate" and "minimal" in the IT Governance context. |
id |
USP-33_5b27aea7c345cb78067d0a74e2f3cb93 |
---|---|
oai_identifier_str |
oai:revistas.usp.br:article/12906 |
network_acronym_str |
USP-33 |
network_name_str |
Journal of Information Systems and Technology Management (Online) |
repository_id_str |
|
spelling |
Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector securityinformationorganizational cultureimagescompensatory fuzzy logic This paper develops the strategic alignment of organizational behavior through the organizations´ image, prioritization and information security practices. To this end, information security is studied based on the business requirements of confidentiality, integrity and availability by applying a tool which integrates the strategic, tactical and operational vision through the following framework: Balanced Scorecard - BSC (strategic) x Control Objectives for Information and Related Technology - COBIT (tactical) x International Organization for Standardization - ISO/International Electro Technical Commission - IEC27002 (operational). Another image instrument of the organization is applied in parallel with this analysis to identify and analyze performance involving profiles related to mechanistic, psychic prisons, political systems, instruments of domination, organisms, cybernetics, flux and transformation (MORGAN, 1996). Finally, a model of strategic prioritization, based on compensatory fuzzy logic (ESPIN and VANTI, 2005), is applied. The method was applied to an industrial company located in southern Brazil. The results with the application show two organizational images: "organism" and "flux and transformation ". The strategic priorities indicated a significant search for new business services and international markets. Regarding protection of information, security found the gap between "minimum" and "Reasonable" and in domain 8 (HR) of standard ISO/IEC27002, considered 71% protection as "inappropriate" and "minimal" in the IT Governance context. TECSI - FEA - Universidade de São Paulo. Faculdade de Economia, Administração, Contabilidade e Atuária2011-12-01info:eu-repo/semantics/articleinfo:eu-repo/semantics/publishedVersionapplication/pdfhttps://www.revistas.usp.br/jistem/article/view/1290610.4301/S1807-17752011000300003Journal of Information Systems and Technology Management; v. 8 n. 3 (2011); 555-580Journal of Information Systems and Technology Management; Vol. 8 No. 3 (2011); 555-580Journal of Information Systems and Technology Management; Vol. 8 Núm. 3 (2011); 555-5801807-1775reponame:Journal of Information Systems and Technology Management (Online)instname:Universidade de São Paulo (USP)instacron:USPenghttps://www.revistas.usp.br/jistem/article/view/12906/14697Copyright (c) 2018 JISTEM - Journal of Information Systems and Technology Management (Online)info:eu-repo/semantics/openAccessKnorst, André MarceloVanti, Adolfo AlbertoAndrade, Rafael Alejandro EspínJohann, Silvio Luiz2014-05-18T13:30:02Zoai:revistas.usp.br:article/12906Revistahttp://www.scielo.br/scielo.php?script=sci_serial&pid=1807-1775&lng=pt&nrm=isoPUBhttps://old.scielo.br/oai/scielo-oai.php||jistem@usp.br1807-17751807-1775opendoar:2014-05-18T13:30:02Journal of Information Systems and Technology Management (Online) - Universidade de São Paulo (USP)false |
dc.title.none.fl_str_mv |
Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector |
title |
Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector |
spellingShingle |
Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector Knorst, André Marcelo security information organizational culture images compensatory fuzzy logic |
title_short |
Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector |
title_full |
Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector |
title_fullStr |
Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector |
title_full_unstemmed |
Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector |
title_sort |
Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector |
author |
Knorst, André Marcelo |
author_facet |
Knorst, André Marcelo Vanti, Adolfo Alberto Andrade, Rafael Alejandro Espín Johann, Silvio Luiz |
author_role |
author |
author2 |
Vanti, Adolfo Alberto Andrade, Rafael Alejandro Espín Johann, Silvio Luiz |
author2_role |
author author author |
dc.contributor.author.fl_str_mv |
Knorst, André Marcelo Vanti, Adolfo Alberto Andrade, Rafael Alejandro Espín Johann, Silvio Luiz |
dc.subject.por.fl_str_mv |
security information organizational culture images compensatory fuzzy logic |
topic |
security information organizational culture images compensatory fuzzy logic |
description |
This paper develops the strategic alignment of organizational behavior through the organizations´ image, prioritization and information security practices. To this end, information security is studied based on the business requirements of confidentiality, integrity and availability by applying a tool which integrates the strategic, tactical and operational vision through the following framework: Balanced Scorecard - BSC (strategic) x Control Objectives for Information and Related Technology - COBIT (tactical) x International Organization for Standardization - ISO/International Electro Technical Commission - IEC27002 (operational). Another image instrument of the organization is applied in parallel with this analysis to identify and analyze performance involving profiles related to mechanistic, psychic prisons, political systems, instruments of domination, organisms, cybernetics, flux and transformation (MORGAN, 1996). Finally, a model of strategic prioritization, based on compensatory fuzzy logic (ESPIN and VANTI, 2005), is applied. The method was applied to an industrial company located in southern Brazil. The results with the application show two organizational images: "organism" and "flux and transformation ". The strategic priorities indicated a significant search for new business services and international markets. Regarding protection of information, security found the gap between "minimum" and "Reasonable" and in domain 8 (HR) of standard ISO/IEC27002, considered 71% protection as "inappropriate" and "minimal" in the IT Governance context. |
publishDate |
2011 |
dc.date.none.fl_str_mv |
2011-12-01 |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/article info:eu-repo/semantics/publishedVersion |
format |
article |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
https://www.revistas.usp.br/jistem/article/view/12906 10.4301/S1807-17752011000300003 |
url |
https://www.revistas.usp.br/jistem/article/view/12906 |
identifier_str_mv |
10.4301/S1807-17752011000300003 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.relation.none.fl_str_mv |
https://www.revistas.usp.br/jistem/article/view/12906/14697 |
dc.rights.driver.fl_str_mv |
Copyright (c) 2018 JISTEM - Journal of Information Systems and Technology Management (Online) info:eu-repo/semantics/openAccess |
rights_invalid_str_mv |
Copyright (c) 2018 JISTEM - Journal of Information Systems and Technology Management (Online) |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf |
dc.publisher.none.fl_str_mv |
TECSI - FEA - Universidade de São Paulo. Faculdade de Economia, Administração, Contabilidade e Atuária |
publisher.none.fl_str_mv |
TECSI - FEA - Universidade de São Paulo. Faculdade de Economia, Administração, Contabilidade e Atuária |
dc.source.none.fl_str_mv |
Journal of Information Systems and Technology Management; v. 8 n. 3 (2011); 555-580 Journal of Information Systems and Technology Management; Vol. 8 No. 3 (2011); 555-580 Journal of Information Systems and Technology Management; Vol. 8 Núm. 3 (2011); 555-580 1807-1775 reponame:Journal of Information Systems and Technology Management (Online) instname:Universidade de São Paulo (USP) instacron:USP |
instname_str |
Universidade de São Paulo (USP) |
instacron_str |
USP |
institution |
USP |
reponame_str |
Journal of Information Systems and Technology Management (Online) |
collection |
Journal of Information Systems and Technology Management (Online) |
repository.name.fl_str_mv |
Journal of Information Systems and Technology Management (Online) - Universidade de São Paulo (USP) |
repository.mail.fl_str_mv |
||jistem@usp.br |
_version_ |
1809284036069163008 |