Author : Moneef Almutairi
Affiliation : School of Computing Science, Newcastle University, Newcastle Upon Tyne
Country : UK
Category : Computer Science & Information Technology
Volume, Issue, Month, Year : 7, 5, April, 2017
Several constraints, such as business, financial, and legal can lead organizations to outsource some of their IT services. Consequently, this might introduce different security risks to major security services such as confidentiality, integrity and availability. Analysing and managing the potential security risks in the early stages of project execution allows organizations to avoid or minimize such security risks. In this paper, we propose an approach that is capable of managing the security and compliance risks of outsourced IT projects. Such an approach aims to allow organizations to minimize, mitigate, or eliminate security risks in the early stages of project execution. It is designed to manage variation in security requirements, as well as provide a methodology to guide organizations for the purpose of security management and implementation
Keyword : Security and compliance management, outsourced IT projects, security management approach.
For More Details : https://airccj.org/CSCP/vol7/csit76704.pdf