Defining a research method for engineering a Business Information ...

Defining a research method for engineering a Business Information Security artefact

By: Yuri Bobbert
University of Antwerp
Radboud University Nijmegen

Experiment

This research proposes several research methods for designing and engineering a Business Information Security (BIS) artefact. The main motivation for this research project is to define research methods that establish artefact functions (e.g. dashboarding, risk register) reflecting the parameters of control for Boards of Directors. The ultimate goal is to engineer this BIS artefact and thereby solve the problem of a low level of BIS maturity. We propose a research method, based on a Design Science Research (DSR) approach, that can be used to establish an experimental dashboard with initial parameters of control. Group Support System (GSS) research can assist organisations in applying the artefact within the organisation, together with the accompanying collaboration and decision-making (fit-to-purpose) processes.

More info on Maturing Business Information Security (MBIS): www.mbis.eu

SecuriMeter trial version via: https://apps.securimeter.eu/

[Figure: research method diagram; labels recovered from the poster, in their original order]

- Literature Research
- Delphi Research
- GSS Research
- Creative Methods
- Proof of Concept
- GSS Research
- GSS Research
- Case Study Research Fit to Purpose

- Initial problem
- Explicate the problem
- Define requirements of the Artefact
- Design and Develop Artefact
- Demonstrate Artefact
- Evaluate Artefact

- BIS parameters for Boards
- Requirements
- 1st version of the Artefact
- Demonstrated Artefact
- Evaluated Artefact
- Feedback loop

- Literature review
- Mid market survey
- 2 x GSS Research with Experts Publications
- GSS Research with CI(S)Os
- GSS Research with experts
- 2 x Delphi Research with CISOs and security managers
- GSS Brainstorm
- UML Design
- Building a prototype SecuriMeter Dashboard

Sessions SecuriMeter Artefact with Board of Directors parameters of control, e.g. maturity meters, risk log, control tracking, benchmarking, application programming interfaces (APIs), cyber economics etc.
