How is CMMI-DEV Applying when Using TSPi Project Planning

Villalón, José Antonio Calvo-Manzano; Cuevas, Gonzalo; Mejía, Jezreel; Munoz, M.; Feliú, Tomás San

doi:10.1109/cerma.2009.53

Cited by 3 publications

(2 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For the analysis of the identified security management standards, an adaptation on the Models and Standards Similarity Study method by J. A. Calvo-Manzano et al [47] was used. The method was as follows:…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

A process framework for information security management

Haufe¹,

Colomo‐Palacios²,

Dzombeta³

et al. 2022

IJISPM

View full text Add to dashboard Cite

Securing sensitive organizational data has become increasingly vital to organizations. An Information Security Management System (ISMS) is a systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security. Key elements of the operation of an ISMS are ISMS processes. However, and in spite of its importance, an ISMS process framework with a description of ISMS processes and their interaction as well as the interaction with other management processes is not available in the literature. Cost benefit analysis of information security investments regarding single measures protecting information and ISMS processes are not in the focus of current research, mostly focused on economics. This article aims to fill this research gap by proposing such an ISMS process framework as the main contribution. It is based on a set of agreed upon ISMS processes in existing standards like ISO 27000 series, COBIT and ITIL. Within the framework, identified processes are described and their interaction and interfaces are specified. This framework helps to focus on the operation of the ISMS, instead of focusing on measures and controls. By this, as a main finding, the systemic character of the ISMS consisting of processes and the perception of relevant roles of the ISMS is strengthened.

show abstract

Section: Methodsmentioning

confidence: 99%

“…A matching table regarding the possible ISMS processes was created for ITIL and COBIT [46]. In the context of the matching the following questions were asked (based on Calvo-Manzano et al [47]): a. Is there any information about ISMS processes in the other standards related to ISMS processes of the reference standard (ISO 27000 series)?…”

Section: Methodsmentioning

confidence: 99%