A framework for outsourcing IS/IT security services
Purpose ? This paper seeks to provide an overview of the major technical, organizational and legal issues pertaining to the outsourcing of IS/IT security services. Design/methodology/approach ? The paper uses a combined socio-technical approach to explore the different aspects of IS/IT security outsourcing and suggests a framework for accommodating security and privacy requirements that arise in outsourcing arrangements. Findings ? Data protection requirements are a decisive factor for IS/IT security outsourcing, not only because they pose restrictions to management, but also because security and privacy concerns are commonly cited among the most important concerns prohibiting organizations from IS/IT outsourcing. New emerging trends such as outsourcing in third countries, pose significant new issues, with regard to meeting data protection requirements. Originality/value ? The paper illustrates the reasons for which the outsourcing of IS/IT security needs to be examined under a different perspective from traditional IS/IT outsourcing. It focuses on the specific issue of personal data protection requirements that must be accommodated, according to the European Union directive.
No Reference information available - sign in for access.
No Citation information available - sign in for access.
No Supplementary Data.
No Article Media