Information Management for Holistic, Collaborative Information Security Management

Abstract

The importance of information, asset and technology as key differentiator for modern organizations is increasingly recognized. More than 6,600 organizations worldwide are implementing an information security management system (ISMS) in accordance to ISO/IEC 27001. An optimal information management is a critical success factor for the effectiveness, performance and sustainability of ISMS. Information security (IS) has been considered as technical job for a long time. In the last years IS research has developed further an IS governance and people oriented direction. Additionally, different best practices such as control objectives for information and related technology (COBIT) and the information technology infrastructure library (ITIL) have been published. In accordance to the IS approaches the information management for ISMS was studied either only from a technical perspective or a measurement perspective. In this paper we integrate all perspectives by defining a holistic, generic IS management taxonomy. To establish this taxonomy we start from a collaborative ISM framework that considers the different IS research approaches and best practices. Based on our novel IS management taxonomy we define the requirements for information system integration and information processing for a holistic, collaborative IS management.KeywordsControl Objectives For Information And Related Technology (COBIT)Information Security Management System (ISMS)Information Technology Infrastructure Library (ITIL)Management TaxonomyContinual ImplementationThese keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.