Abstract
Governance of IT is becoming more and more necessary in the current financial economic situation. One declination of that statement is the definition of corporate and IT policies. To improve that matter, the paper has for objective to propose a methodology for defining policies that are closer to the business processes, and based on the strict definition of a responsibility model that clarify all actor's responsibility. This responsibility model is mainly defined based on the three concepts of capability, the accountability and the commitment. The methodology is illustrated and validated based on a case study conducted in an IT company.
Original language | English |
---|---|
Title of host publication | Proceedings of the ARES 2009 Workshop on Organizational Security Aspects (OSA), Fukuoka, Japan |
Place of Publication | 345 E 47TH ST, NEW YORK, NY 10017 USA |
Publisher | IEEE |
Pages | 762-767 |
Number of pages | 6 |
Volume | 1-2 |
ISBN (Print) | 978-1-4244-3572-2 |
DOIs | |
Publication status | Published - 2009 |
Keywords
- Process model
- Organizational model
- Responsibility model
- Business IT Alignment.
- Governance
- Policy Engineering