MIS 488 IT Governance & Standards
As IT systems are increasingly becoming part of all walks of life, information security is becoming more and more important. The security of current IT systems is not satisfactory, while security solutions are difficult and overcomplicated. International standards and regulations are being drafted to classify security systems and to certify compliance with standards (e.g. Common Criteria). Besides technical approaches, organizational level approaches are also gaining ground (COBIT, ISO27001). Quality and quality assurance are no exception to this, as in addition to ISO 9001, other ISO certifications such as ISO 27001 (Information security management standard) and ISO 20000 (IT infrastructure management stand.) are also becoming increasingly popular.