Zachman and Security Policy


"A system security policy is often perceived as a set of mandatory requirements levied upon the system by an organizational directive or Information System Security Officer (ISSO). To the user, these security requirements may bear little resemblance to his actual working system security policy, which controls data modification and user privileges. In the course of reengineering business processes and information systems, the system modeling activities provide a unique opportunity: This paper presents a methodology for security policy definition using the Zachman information systems architecture as a tool. The system security policy can be extracted from the Zachman framework, providing a technique for reconciling the security policy as defined by directive with the user’s working system security
requirements."

Download (please login and scroll down)

Download Document: Documents are in common file formats such as Microsoft Word (doc), Powerpoint (ppt), Excel (xls,csv,xlsx), and Adobe pdf.
Download


Related Categories




Related Topics




Related Articles


Extended Enterprise Architecture Framework (E2AF)

A one page quick reference summary of the Extended Enterprise Architecture Framework (E2AF) developed by IFEAD.

Introduction to Zachman Framework

This presentation provides a quick introduction to the Zachman Framework for enterprise architecture planning.




Posted on 05/28/2009 by


Zachman and Security Policy author sourabhhajela

sourabhhajela




Signup For ThoughtLeader









Subscribe


CIO Index

What every CIO needs to know

CIO Index is the world's largest professional network for CIOs - of the CIO, for the CIO, by the CIO. 

Over 60,000 CIOs and other IT Executives use CIO Index to Learn, Network and Share.

 

Cioindex, Inc.

  • (+1) 800-309-3550
  • Mon - Fri 9:00am - 5:00 pm
  • 115 Franklin Tpke, Mahwah, NJ 07430