Towards an Integrated Framework for Quality and Information Security Management in Small CompaniesReport as inadecuate




Towards an Integrated Framework for Quality and Information Security Management in Small Companies - Download this document for free, or read online. Document in PDF available to download.

Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering. 2016 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis

Abstract [en] : This master thesis elaborates the construction of an integrated framework for the simultaneous initiation of quality management and information security management within micro and small enterprises. Called QISMO, the model collection consists of three parts: (1) a holistic framework as structure dedicated to achieving a shared understanding among key stakeholders concerned about relations and dependencies, (2) a reference process model for visualising the entire process with the activities related, and (3) a lifecycle model for illustrating the process loop and for clarifying specific phases therein. This study offers an analysis of alternative approaches that results in premises and requirements adapted to micro and small enterprises. Furthermore, major barriers to the improvement of quality and information security management of micro and small enterprises are identified in this study. These include miscalculation of risks, lack of competence, and absence of structured processes. Aside from valuable insights for further development of enhanced training programs, the study contributes a comprehensive analysis of standards and good practices within the field of IT governance. Moreover, the study shares a concrete reference process model that is adapted to the preconditions of micro and small enterprises. These preconditions are acquired throughout the study. The proposition is to provide a basis for the further improvement of business processes and the models related to them, both in practice and in research.

Place, publisher, year, edition, pages: 2016.

Keyword [en] : Quality Management, Information Security Management, Information Systems Modelling, Reference Process Modelling, BISE, BPMN

National Category : Engineering and Technology

Identifiers: URN: urn:nbn:se:ltu:diva-327OAI: oai:DiVA.org:ltu-327DiVA: diva2:973908

Educational program: Information Security, master's level

Supervisors : Sein, Maung

Examiners : Päivärinta, Tero Available from: 2016-09-23 Created: 2016-09-23 Last updated: 2016-10-05Bibliographically approved



Author: Große, Christine

Source: http://ltu.diva-portal.org/







Related documents