An ISO/IEC 15504 Security Extension

Mesquida, Antoni Lluís; Mas, Antònia; Amengual, Esperança

doi:10.1007/978-3-642-21233-8_6

Cited by 4 publications

(2 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Therefore, we can state that Enterprise SPICE defines security and safety as attributes applied to the existing processes but not a process-based activity. The same, with some reservations, can also be said about the safety extensions to the ISO/IEC 15504 (Part 10) [15], +SAFE safety extensions to the CMMI-DEV [19] and the work done on security extensions to the ISO/IEC 15504 [16].…”

Section: Security Process Modelling Related Workmentioning

confidence: 99%

Security Process Capability Model Based on ISO/IEC 15504 Conformant Enterprise SPICE

Mitasiunas

Novickis

Kalpokas

2014

Applied Computer Systems

View full text Add to dashboard Cite

In the context of modern information systems, security has become one of the most critical quality attributes. The purpose of this paper is to address the problem of quality of information security. An approach to solve this problem is based on the main assumption that security is a process oriented activity. According to this approach, product quality can be achieved by means of process quality - process capability. Introduced in the paper, SPICE conformant information security process capability model is based on process capability modeling elaborated by world-wide software engineering community during the last 25 years, namely ISO/IEC 15504 that defines the capability dimension and the requirements for process definition and domain independent integrated model for enterprise-wide assessment and Enterprise SPICE improvement

show abstract

Section: Security Process Modelling Related Workmentioning

confidence: 99%

Security Process Capability Model Based on ISO/IEC 15504 Conformant Enterprise SPICE

Mitasiunas

Novickis

Kalpokas

2014

Applied Computer Systems

View full text Add to dashboard Cite

show abstract

“…Después de años de relaciones y de trabajo continuado con empresas del sector TIC de nuestro entorno más próximo (Mas, Fluxà & Amengual, 2012;Mesquida, Mas & Amengual, 2011), se ha podido observar que, en la mayoría de casos, cuando una empresa decide implantar una norma relativa a la gestión de servicios de TI o a la gestión de la seguridad de la información, ya ha tenido otras experiencias de calidad previas, principalmente, la implantación de la norma ISO 9001 (ISO, 2008) y el despliegue de procesos según ISO/IEC 15504 (ISO, 2006) o CMMI-DEV (SEI, 2010).…”

Section: Introductionunclassified

Integración de Estándares de Gestión de TI mediante MIN-ITs

Mesquida

Mas

Feliú

et al. 2014

RISTI

Self Cite

View full text Add to dashboard Cite

Resumen: Las empresas de desarrollo de software han apostado por la implantación de modelos y estándares de calidad con el objetivo de ofrecer productos que se adapten a las necesidades de los clientes y aumenten su satisfacción. Además de mejorar sus procesos de desarrollo de software, estas organizaciones también desean aumentar la capacidad de los procesos de otras disciplinas, como pueden ser la gestión

show abstract

MIN-ITs: A Framework for Integration of IT Management Standards in Mature Environments

Mesquida

Mas

Feliú

et al. 2014

Int. J. Soft. Eng. Knowl. Eng.

View full text Add to dashboard Cite

The growing interest of software companies for improving their internal processes, not just software development processes, but also processes in other domains such as Information Technology (IT) service management or information security management, has encouraged these companies to implement recognized models or standards. Most of the ISO standards that define models for software quality, IT service management or information security management provide their recommendations, guidelines, requirements or good practices under a process approach. Due to this approach, there are a large number of relations between these models as well as many common elements. From the study of these relations, this paper presents MIN-ITs, a new framework that supports the integration of different ISO standards related to IT management.

show abstract

An ISO/IEC 15504 Security Extension

Cited by 4 publications

References 1 publication

Security Process Capability Model Based on ISO/IEC 15504 Conformant Enterprise SPICE

Security Process Capability Model Based on ISO/IEC 15504 Conformant Enterprise SPICE

Integración de Estándares de Gestión de TI mediante MIN-ITs

MIN-ITs: A Framework for Integration of IT Management Standards in Mature Environments

Contact Info

Product

Resources

About