SciELO - Scientific Electronic Library Online

vol.8 número3Semantic wikis and the collaborative construction of ontologies: a case studyUnderstanding the subject's behavior in the interaction with a decision support system under time pressure and missing information índice de autoresíndice de assuntospesquisa de artigos
Home Pagelista alfabética de periódicos  

Serviços Personalizados




Links relacionados


JISTEM - Journal of Information Systems and Technology Management

versão On-line ISSN 1807-1775


KNORST, André Marcelo; VANTI, Adolfo Alberto; ANDRADE, Rafael Alejandro Espín  e  JOHANN, Silvio Luiz. Aligning information security with the image of the organization and prioritization based on fuzzy logic for the industrial automation sector. JISTEM J.Inf.Syst. Technol. Manag. [online]. 2011, vol.8, n.3, pp.555-580. ISSN 1807-1775.

This paper develops the strategic alignment of organizational behavior through the organizations´ image, prioritization and information security practices. To this end, information security is studied based on the business requirements of confidentiality, integrity and availability by applying a tool which integrates the strategic, tactical and operational vision through the following framework: Balanced Scorecard - BSC (strategic) x Control Objectives for Information and Related Technology - COBIT (tactical) x International Organization for Standardization - ISO/International Electro Technical Commission - IEC27002 (operational). Another image instrument of the organization is applied in parallel with this analysis to identify and analyze performance involving profiles related to mechanistic, psychic prisons, political systems, instruments of domination, organisms, cybernetics, flux and transformation (MORGAN, 1996). Finally, a model of strategic prioritization, based on compensatory fuzzy logic (ESPIN and VANTI, 2005), is applied. The method was applied to an industrial company located in southern Brazil. The results with the application show two organizational images: "organism" and "flux and transformation ". The strategic priorities indicated a significant search for new business services and international markets. Regarding protection of information, security found the gap between "minimum" and "Reasonable" and in domain 8 (HR) of standard ISO/IEC27002, considered 71% protection as "inappropriate" and "minimal" in the IT Governance context.

Palavras-chave : security; information; organizational culture; images; compensatory fuzzy logic.

        · texto em Inglês     · Inglês ( pdf epdf )


Creative Commons License Todo o conteúdo deste periódico, exceto onde está identificado, está licenciado sob uma Licença Creative Commons