To read the full version of this content please select one of the options below:

A framework for outsourcing IS/IT security services

Maria Karyda (Department of Information and Communication Systems Engineering, University of the Aegean, Samos, Greece)
Evangelia Mitrou (Department of Information and Communication Systems Engineering, University of the Aegean, Samos, Greece)
Gerald Quirchmayr (Department of Informatics, Distributed and Multimedia Systems, Multimedia Information Systems, University of Vienna, Wien, Austria)

Information Management & Computer Security

ISSN: 0968-5227

Article publication date: 1 October 2006

Abstract

Purpose

This paper seeks to provide an overview of the major technical, organizational and legal issues pertaining to the outsourcing of IS/IT security services.

Design/methodology/approach

The paper uses a combined socio‐technical approach to explore the different aspects of IS/IT security outsourcing and suggests a framework for accommodating security and privacy requirements that arise in outsourcing arrangements.

Findings

Data protection requirements are a decisive factor for IS/IT security outsourcing, not only because they pose restrictions to management, but also because security and privacy concerns are commonly cited among the most important concerns prohibiting organizations from IS/IT outsourcing. New emerging trends such as outsourcing in third countries, pose significant new issues, with regard to meeting data protection requirements.

Originality/value

The paper illustrates the reasons for which the outsourcing of IS/IT security needs to be examined under a different perspective from traditional IS/IT outsourcing. It focuses on the specific issue of personal data protection requirements that must be accommodated, according to the European Union directive.

Keywords

Citation

Karyda, M., Mitrou, E. and Quirchmayr, G. (2006), "A framework for outsourcing IS/IT security services", Information Management & Computer Security, Vol. 14 No. 5, pp. 403-416. https://doi.org/10.1108/09685220610707421

Publisher

:

Emerald Group Publishing Limited

Copyright © 2006, Emerald Group Publishing Limited