Author: Wolfgang Haidegger
Affiliation: SECUDE Global Consulting GmbH, Austria
Keyword(s): e-Business, ISMS, ISO/IEC 27001, ISO/IEC 17799, ISO/IEC 15408, Risk Analysis, Information Security Policies, Security Guidelines and Procedures, Evaluation Assurance Level.
Related Ontology Subjects/Areas/Topics: Communication and Software Technologies and Architectures; e-Business; Enterprise Information Systems; Security and Privacy
Abstract: This paper first motivates the necessity of a planning tool for IT infrastructure and applications that allows security measures to be included in an automated way. The author then summarizes the requirements arising from legal and technical standards, which serve as a framework to ensure that the results of planning activities comply with the applicable regulations. Next, a rough concept for realizing the planning tool is presented, followed by conclusions.