12 research outputs found
Validating the domains of an inter-organizational business-IT alignment assessment instrument: A case study
CIOs can judge the effectiveness of their business-IT alignment activities by assessing maturity of processes in domains relevant to alignment. Currently, assessment instruments that support this are being developed. This paper reports on a case study aimed at validating four process domains we deemed necessary for inclusion in an assessment instrument that focuses on business-IT alignment at the level of inter-organizational collaboration. Our case study research draws on empirical evidence from an inter-organizational collaboration among different government departments within the state of Tamaulipas in Mexico. The case study revealed that the domains included in the alignment assessment instrument are the most important ones to address when achieving business-IT alignment in inter-organizational collaborations
Validating adequacy and suitability of business-IT alignment criteria in an inter-enterprise maturity model
Aligning requirements of a business with its information technology is currently a major issue in enterprise computing. Existing literature indicates important criteria to judge the level of alignment between business and IT within a single enterprise. However, identifying such criteria in an inter-enterprise setting â or re-thinking the existing ones â is hardly addressed at all. Business-IT alignment in such settings poses new challenges, as in inter-enterprise collaborations, alignment is driven by economic processes instead of centralized decision-making processes. In our research, we develop a maturity model for business-IT alignment in inter-enterprise settings that takes this difference into account. In this paper, we report on a multi-method approach we devised to confront the validation of the business-IT alignment criteria that we included in the maturity model. As independent feedback is critical for our validation, we used a focus group session and a case study as instruments to take the first step in validating the business-IT alignment criteria. We present how we applied our approach, what we learnt, and what the implications were for our model
Towards a business-IT alignment maturity model for collaborative networked organizations
Aligning business and IT in networked organizations is a complex endeavor because in such settings, business-IT alignment is driven by economic processes instead of by centralized decision-making processes. In order to facilitate managing business-IT alignment in networked organizations, we need a maturity model that allows collaborating organizations to assess the current state of alignment and take appropriate action to improve it where needed. In this paper we propose the first version of such a model, which we derive from various alignment models and theories
iTrust: a trust-aware ontology for information systems development
This paper gives a synopsis of our present state of affairs in modelling an ontology which
reflects trust related concepts collectively in information systems development. The main problem is
that there is a lack of ontological and methodological support to model and reason about trust with its
related concepts in one allied framework. This situation provides the foremost motivation for our
research. In particular, our aim is to develop a reasoning and modelling framework that will enable
information system developers to consider trust and its related concepts collectively during the
development of information systems
Applying Misuse Case to Improve the Security of Information Systems
In the Information Security Profession we are losing the Battle. Todayâs Information Systems are, perversely, more secure than Tomorrowâs. The only way we can reverse this trend is by securing Information Systems smarter and faster than we do today. This dissertation explores Information Systems and how they are developed with the aim of incorporating Security in the early stages of their development; using a technique called âMisuse Casesâ.
Misuse Cases capture how an Information System can be used in a way that it is not supposed to, either deliberately (an attack) or accidentally (a mistake). It is true to say that Information Systems are misused by Human beings. Humans may use machines as a proxy from which to commit their misuses, but ultimately the security profession is at the mercy of human creativity (and stupidity).
Misuse Cases provide us with a way to reason about how a System might be misused at an early stage in its development. We can use this information to incorporate countermeasures into the Systemâs Requirements (in the form of security requirements).
We apply Four Techniques based on Misuse Cases to a hypothetical Case Study-an IT Contractor Management System to achieve the following:
⢠Identify potential top-level Misuses;
⢠Use Misuse Cases to Elicit Security Requirements;
⢠Propose a way to develop Tests to verify that Security Requirements have been met.
In applying the Techniques we recognise their benefits and limitations and where appropriate propose some enhancements