• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 28
  • 25
  • 9
  • 5
  • 5
  • 1
  • 1
  • 1
  • 1
  • Tagged with
  • 77
  • 77
  • 22
  • 20
  • 16
  • 16
  • 15
  • 14
  • 10
  • 10
  • 10
  • 9
  • 8
  • 8
  • 8
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
41

Método de análise para adoção de computação em nuvem: estudo de casos em organizações de grande porte. / Analysis method for cloud computing adoption: cases study in large organizations.

Milian, Eduardo Zied 19 November 2014 (has links)
A Computação em Nuvem (CN) tem potencial para transformar grande parte do setor de Tecnologia da Informação (TI). Sua evolução ao longo dos últimos anos, certamente é tida como um dos maiores avanços na história da computação. Ela vem ganhando espaço significativo como um modelo bem sucedido ao prometer economia, facilidade de uso e maior flexibilidade no controle de como os recursos são usados, a qualquer momento e em qualquer lugar, para entregar a capacidade computacional desejada. A proposta de valor capturada pelo modelo da CN é que os recursos não ficam mais ociosos a maior parte do tempo, sendo agora quase totalmente utilizados (com menores custos unitários). Esta pesquisa tem por objetivo compreender como são tomadas as decisões para aquisição, contratação e operação dos serviços de CN em organizações de grande porte atuando no Brasil. Para alcançar este objetivo foi elaborado um Método de Análise para adoção da CN a partir de elementos extraídos da literatura. Fatores associados à adoção da CN como vantagens, desafios, riscos e barreiras e capacidades essenciais dos gestores para atingir objetivos de negócios (BOB), desempenhar a gestão da função TI (MNG), dispor dos atributos da qualidade dos serviços (QAS) e tomar decisões de arquitetura (ARC), consideradas essenciais para a operação das áreas de TI das organizações, estão entre estes elementos. O trabalho também investigou como a CN pode contribuir para o alinhamento estratégico da TI ao negócio destas organizações. A metodologia utilizada é o estudo de casos múltiplos, com a aplicação do Método de Análise em quatro organizações, onde foram entrevistados os principais executivos da área de TI capazes de influenciar decisões para adotar ou aprofundar a adoção da nuvem. Os resultados obtidos mostraram a viabilidade e a aplicabilidade do Método de Análise. Ao mapear os fatores associados à adoção, o processo de decisão pode ser mais bem compreendido, possibilitando às organizações melhor estruturar o processo de aprovação e de adoção propriamente dito. Também pôde ser observado nos casos estudados de que forma se deu a contribuição da adoção da nuvem para o alinhamento estratégico da TI ao negócio. / Cloud Computing (CC) is potentially able to change a major part of Information Technology (IT) industry. Its evolution over the past few years is certainly one of the greatest advancements in the history of computing. Cloud Computing has been gaining ground as a successful model as it promises economic savings, easiness of use and greater flexibility in the control of resource use, anytime and anywhere, while delivering the required computing power. CC model value proposition is that resources are no longer idle most of the time, as they are almost used to the fullest (with lower unit costs). The purpose of this research is to understand how the decisions are made for the purchase, hiring and operation of CC services in large organizations operating in Brazil. In order to achieve this objective, we prepared an Analysis Method to adopt CC based on elements found in literature. Such elements are those factors associated to the adoption of CC such as advantages, challenges, risks and barriers and core capabilities for managers to achieve business objectives (BOB), perform management of IT function (MNG), provide quality of services (QAS) and manage architecture decisions (ARC), considered essential for operation of IT areas of organizations. The study also investigated how CC can contribute with IT strategic alignment with business of these organizations. The methodology employed is multiple cases study, applying the Analysis Method in four organizations, through interviews with main IT executives capable of influencing decisions to adopt or increase cloud adoption. The results obtained show feasibility and applicability of Analysis Method. By mapping factors associated with adoption, the decision making process may be better understood, allowing organizations to better structure approval process and the adoption itself. In cases studied it is possible to note how the adoption of cloud computing contributes with strategic alignment of IT with business.
42

Desafios para o desenvolvimento de serviços digitais pelo governo federal brasileiro / Challenges for the Development of Digital Services by the Brazilian Federal Government

Germani, Leonardo Barbosa 18 March 2016 (has links)
Submitted by Filipe dos Santos (fsantos@pucsp.br) on 2016-08-02T13:21:23Z No. of bitstreams: 1 Leonardo Barbosa Germani.pdf: 1041489 bytes, checksum: 7da0f583693bdd492c7d419fc8296153 (MD5) / Made available in DSpace on 2016-08-02T13:21:23Z (GMT). No. of bitstreams: 1 Leonardo Barbosa Germani.pdf: 1041489 bytes, checksum: 7da0f583693bdd492c7d419fc8296153 (MD5) Previous issue date: 2016-03-18 / Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / This research investigates the current state of IT management in Brazil’s public administration, particularly the development of digital services, and confronting it with best practices from the private sector and a few experiences from other national governments. The objective of this work is to examine the main challenges faced by IT public managers at the Brazilian Federal Government to develop quality services in a timely manner, delivering to citizens an experience that measures up to the expectations of a society increasingly familiar to the use of digital technology. To this end, this study will depart from an analysis of the best practices adopted by the IT market, especially the so-called “lean startups”, and how these practices are also being adopted by the governments of the United States of America and the United Kingdom. Based on these studies, a framework of what can be considered best practices for the development of digital services will be proposed as a reference point to evaluate the current state of practices carried out by the Brazilian government. The dissertation will then investigate the main difficulties faced by public managers to adopt such practices, first by looking at the general context of IT development within the government, its background, rules and regulations and secondly by presenting two case studies aimed at disclosing the more concrete difficulties faced by public managers on their daily basis. From these analyses, a number of challenges were identified, and will be an object of scrutiny in this research – as well as possible ways to overcome them – namely: a) repositioning IT from logistics to strategic issues; b) revising the legal framework in order to create specific processes for the development of digital services, distinct from ordinary bidding and procurement processes; c) expanding the offer of IT infrastructure available to government bodies, modernizing services provided by public enterprises and identifying services that could be hosted by commercial actors in order to reduce costs and foster the domestic market; d) enlarging and qualifying IT teams to perform under a project management perspective, not a contract management one; e) building a systemic view of the services offered, in order to deliver to the citizens an unique experience in their interface with the government; f) guaranteeing social participation in the development of the services, through the engagement of citizens in the decision-making process, opening source codes and building up a “government as platform” approach; g) considering the high degree of digital exclusion in the country and finding alternatives to offer these services to the share of society that is offline. Finally, the study will identify and present the synergy points between the outcomes and propositions listed herein and the new Strategy for Digital Governance from the Brazilian government / Esta pesquisa investiga o estado atual da gestão de Tecnologia da Informação na administração pública brasileira, com foco no desenvolvimento de serviços digitais, e confrontá-la com as melhores práticas do mercado e com algumas experiências de governos internacionais. O objetivo deste trabalho é investigar quais são os principais desafios encontrados pelos gestores públicos de TI do governo federal brasileiro para desenvolver serviços digitais com qualidade e agilidade, e que entreguem para os cidadãos uma experiência à altura da expectativa de uma sociedade cada vez mais habituada ao uso de tecnologias digitais. Faremos isso a partir da análise das melhores práticas adotadas pelo mercado de TI, em especial as chamadas “startups enxutas” (lean startups), e de como essas práticas foram adotadas pelos governos estadunidense e britânico. A partir desses estudos proporemos nosso próprio quadro de melhores práticas para o desenvolvimento de serviços digitais e o utilizaremos como referência para avaliar o estado atual as práticas no governo brasileiro. Em seguida passaremos a investigar quais são as dificuldades encontradas pelos gestores para adotar essas práticas, em primeiro lugar olhando para o contexto geral da TI no governo, sua história, normas e legislações, e, em segundo lugar, fazendo dois estudos de caso com vistas a conhecer as dificuldades concretas enfrentadas pelos gestores no dia a dia. A partir dessas análises apresentaremos uma síntese de quais foram os principais desafios identificados no desenvolvimento de serviços digitais e procuraremos apontar possíveis caminhos para enfrentá-los. Os principais desafios encontrados foram: a) reposicionar a TI da logística para a estratégia; b) revisar as normas legais para especializar o desenvolvimento de serviços digitais, que deve ter um processo específico, diferenciado das compras ordinárias; c) ampliar a oferta de alternativas de infraestrutura de TI acessíveis para os órgãos, modernizando os serviços oferecidos pelas empresas públicas e identificando serviços que possam ser hospedados em soluções comerciais para reduzir custos e fomentar o mercado nacional; d) ampliar e qualificar as equipes de TI para uma atuação voltada a gestão de projetos, e não apenas de contratos; e) construir uma visão sistêmica dos serviços, para que se possa entregar ao cidadão uma experiência única de relacionamento com o governo; f) garantir a participação da sociedade no desenvolvimento dos serviços, por meio do envolvimento do cidadão no processo, da abertura do código fonte e de uma abordagem de governo como plataforma; g) considerar o grande grau de exclusão digital do país e encontrar alternativas para oferecer os serviços à parcela da população desconectada. Por fim identificamos e apresentamos os pontos de sinergia entre as propostas desta pesquisa e a nova Estratégia de Governança Digital do governo federal
43

An Exploratory Assessment of IT Management Issues in Ontario Hospitals

Syoufi, Maria 30 July 2018 (has links)
Background and context: Given the constant evolving developments in information technology (IT) in healthcare in Canada and Ontario, and the relatively nonexistent body of literature on IT management issues from the perspectives of top IT managers (i.e. Chief Information Officers, IT directors, IT top managers) in hospitals, a follow up study of IT management issues to the study done by Jaana et al. is conducted. Purpose: To develop an authoritative list of IT management issues in Ontario hospitals and compare the results to the earlier study and the literature. Methods: Using the Ranking Type Delphi technique, the responses from IT top managers in three main panels of Ontario hospitals were solicited through a controlled iterative feedback process. The hospitals were divided into the academic panel (n = 6), community panel (n = 12), and the rural panel (n = 8) for a total of 26 out of 33 participants who completed the study. Results: 26 issues were raised and a total of 24 issues were ranked in the study. Among the 14 common issues between the three panels, the top five issues were limited funding, keeping infrastructure current, external security threats, increasing cost, and managing demands for IT projects. Comparing with the study by Jaana et al. (2011), a total of 7 new issues emerged which are concerned with technology, regulatory challenges, and human issues. A total of 10 issues were dropped from the earlier study spanning areas of strategic, technological, organizational, and human issues. The participants in the study did not significantly differ individually based on their background characteristics, where the only significant difference observed between the hospital panels was due to hospital characteristics. During the brainstorming phase a total of 195 issues were provided which were consolidated by two researchers to form a list of 26 IT management issues, with an inter coder reliability of 88%. The issues with a 4.5 out of 7 rating and higher on a Likert scale were retained to narrow down the list. This resulted in 19 issues for the rural and community panels, and 21 issues for the academic panel, with 14 of the 26 issues being common to all three panels. The ranking phase was conducted with two rounds of ranking due to the low consensus levels during the first round. The consensus level after two rounds was; W academic = 0.235, W community = 0.254, and W rural = 0.381. Contributions: This study presents a significant contribution to the management of medical informatics field by providing an approach to categorize IT management issues to observe trends overtime as well as present the application of a seminal framework to explain the changes in these issues as organizations change and grow overtime. At the management and practical levels, the list of prioritized issues provides an evidence base for top IT managers to make IT related decisions at the organizational level. The list also acts as a second benchmarking tool to evaluate hospital performance overtime with the various issues. At the policy development level, provincial governments can use the list to devise comprehensive IT management strategies to address the various regulatory issues reported. Future research can focus on exploring the resonating behind the rankings provided and replicating this study over time and across various geographies so that a large survey can be developed to follow the evolutions of IT management issues in healthcare over time.
44

Liderança e gestão em TI: uma análise do desempenho de gestores de TI baseada em competências críticas de gestão. / IT management and leadership: an analysis of the IT managers performance based on critical management competencies.

Eduardo Margara da Silva 26 March 2013 (has links)
A fronteira entre as áreas de negócios e as de tecnologia de informação (TI) vai deixando de existir e isso exige competências de gestão, baseadas em novos conhecimentos, habilidades e atitudes de liderança, que extrapolam as questões técnicas. A literatura disponível discute quais são as competências críticas de forma isolada, não as relaciona com a competitividade das empresas e não analisa o desempenho dos gestores em cada uma das competências consideradas críticas. Com o objetivo de compreender quais são as competências críticas de gestão em TI e qual é o desempenho dos gestores nessas competências, foi efetuada, neste estudo, uma revisão da teoria, a fim de elaborar um modelo de avaliação de desempenho e avaliar 149 gestores de TI. Essa avaliação foi baseada em 22 competências de gestão, organizadas em cinco áreas: gestão da estratégia de TI, gestão da inovação e tecnologia, gestão do valor da TI, gestão das equipes de TI e gestão do desempenho da TI. Na análise dos dados foram testadas dez hipóteses de pesquisa sobre as prioridades e o desempenho dos gestores de TI para poder analisar se há variação em função de fatores externos ligados ao negócio (orientação competitiva, segmento de mercado e porte do negócio) e de fatores internos (processos e funções exercidas em TI). Com base nos resultados, foi possível constatar que os fatores internos, mais que os externos, influenciam o desempenho dos gestores de TI, principalmente dependendo da função por ele ocupada dentro da organização de TI. As avaliações de competências dos gestores de infraestrutura foram superiores aos gestores de desenvolvimento e na escolha de prioridades, um maior número de gestores de infraestrutura elegeu a gestão da inovação e a gestão do valor como prioridade para o negócio. / The frontier between business and technology is reducing with technologies advance and it is requiring management competencies, based on new knowledge, skills and attitudes of leadership that go beyond technical issues. The literature discusses which competencies are critical, but it is not taking in count the business competitiveness and also does not analyzes the managers performance in each critical competency. Aiming to understand which competencies are critical in IT management and how is the performance of managers on these competencies, in this study has been conducted a theory review in order to develop a performance evaluation model and evaluate 149 IT managers based on 22 management competencies, which were organized in five areas: IT strategy management, innovation and technology management, IT value management, IT team management and IT performance management. In data analysis were tested ten research hypotheses about the priorities and performance of IT managers in order to conclude whether there is performance variation due to external factors related to the business (competitive orientation, market segment and company size) and internal factors (processes and functions in IT) that can influence the performance evaluations based on management competencies. Based on the results, it was found that the internal factors rather than external ones, influence the performance of managers, mainly depending on the role they have within the IT organization. The Competencies evaluations of IT infrastructure managers were higher than systems development managers and also most of them chose innovation management and value management as a business priority.
45

Método de análise para adoção de computação em nuvem: estudo de casos em organizações de grande porte. / Analysis method for cloud computing adoption: cases study in large organizations.

Eduardo Zied Milian 19 November 2014 (has links)
A Computação em Nuvem (CN) tem potencial para transformar grande parte do setor de Tecnologia da Informação (TI). Sua evolução ao longo dos últimos anos, certamente é tida como um dos maiores avanços na história da computação. Ela vem ganhando espaço significativo como um modelo bem sucedido ao prometer economia, facilidade de uso e maior flexibilidade no controle de como os recursos são usados, a qualquer momento e em qualquer lugar, para entregar a capacidade computacional desejada. A proposta de valor capturada pelo modelo da CN é que os recursos não ficam mais ociosos a maior parte do tempo, sendo agora quase totalmente utilizados (com menores custos unitários). Esta pesquisa tem por objetivo compreender como são tomadas as decisões para aquisição, contratação e operação dos serviços de CN em organizações de grande porte atuando no Brasil. Para alcançar este objetivo foi elaborado um Método de Análise para adoção da CN a partir de elementos extraídos da literatura. Fatores associados à adoção da CN como vantagens, desafios, riscos e barreiras e capacidades essenciais dos gestores para atingir objetivos de negócios (BOB), desempenhar a gestão da função TI (MNG), dispor dos atributos da qualidade dos serviços (QAS) e tomar decisões de arquitetura (ARC), consideradas essenciais para a operação das áreas de TI das organizações, estão entre estes elementos. O trabalho também investigou como a CN pode contribuir para o alinhamento estratégico da TI ao negócio destas organizações. A metodologia utilizada é o estudo de casos múltiplos, com a aplicação do Método de Análise em quatro organizações, onde foram entrevistados os principais executivos da área de TI capazes de influenciar decisões para adotar ou aprofundar a adoção da nuvem. Os resultados obtidos mostraram a viabilidade e a aplicabilidade do Método de Análise. Ao mapear os fatores associados à adoção, o processo de decisão pode ser mais bem compreendido, possibilitando às organizações melhor estruturar o processo de aprovação e de adoção propriamente dito. Também pôde ser observado nos casos estudados de que forma se deu a contribuição da adoção da nuvem para o alinhamento estratégico da TI ao negócio. / Cloud Computing (CC) is potentially able to change a major part of Information Technology (IT) industry. Its evolution over the past few years is certainly one of the greatest advancements in the history of computing. Cloud Computing has been gaining ground as a successful model as it promises economic savings, easiness of use and greater flexibility in the control of resource use, anytime and anywhere, while delivering the required computing power. CC model value proposition is that resources are no longer idle most of the time, as they are almost used to the fullest (with lower unit costs). The purpose of this research is to understand how the decisions are made for the purchase, hiring and operation of CC services in large organizations operating in Brazil. In order to achieve this objective, we prepared an Analysis Method to adopt CC based on elements found in literature. Such elements are those factors associated to the adoption of CC such as advantages, challenges, risks and barriers and core capabilities for managers to achieve business objectives (BOB), perform management of IT function (MNG), provide quality of services (QAS) and manage architecture decisions (ARC), considered essential for operation of IT areas of organizations. The study also investigated how CC can contribute with IT strategic alignment with business of these organizations. The methodology employed is multiple cases study, applying the Analysis Method in four organizations, through interviews with main IT executives capable of influencing decisions to adopt or increase cloud adoption. The results obtained show feasibility and applicability of Analysis Method. By mapping factors associated with adoption, the decision making process may be better understood, allowing organizations to better structure approval process and the adoption itself. In cases studied it is possible to note how the adoption of cloud computing contributes with strategic alignment of IT with business.
46

"High I.T. Failure Rate : A Management Prospect" / "Hög I.T. Underlåtenhet Rate : En förvaltningskommitté Prospect"

Hashmi, Mazhar Tajammal January 2006 (has links)
Software industry is growing day by day and software is going more complex and diverse with increase in cost and rate of failure. This increase in size and complexity of software projects has negative impact on the software productivity, schedule and effort. Organizations are demanding high quality products to increase their productivity and profits. It is common that they are facing some serious problems even after spending a large sum of money. So, its alarming situation and the concerned parties should take effective steps to resolve software project failure problem. Above all this, we are facing a high rate of software failure putting software industry on stake. This study revolves around the core issue of finding the root causes of software project failure with respect to organizational factors. In this, I have tried to find the organizational factors contributing towards the failure of software projects. I have done this study with the help of literature review and questionnaire survey. There could be one or several factors responsible for the software projects failure, which are mentioned in chapter two. I have slightly touched the Information Technology for digging deep into the failure and for understanding this phenomenon. Software failure is the biggest challenge faced by IT as well as business people. There is strong need to find the root causes of software project failure and mitigate them. For controlling this failure problem management can perform its role and I have discussed the role of management in defining, measuring, controlling and implementation of software projects. A project is considered failure when it is not able to show the anticipated results and it is happened when team is not able to fulfill the requirements of the project e.g. overruns time, overruns resources, lack of conformance with initial requirements specifications. I have tried to find out the answers of my research questions through literature review and empirical study. Root causes of software project failure are presented and validated through literature review, data analysis, discussion, and findings. A comprehensive analysis of empirical data and discussion will give you the insight into the problem and my effort to sort out them in a precise way. For the purpose of knowing the solution of this study, I will refer you towards the conclusion and recommendation. The concerned or interested people can get benefit from this research study and definitely it will help them to avoid software project failure. The contribution of the research is twofold. First, it will be helpful for the software making professionals/companies and secondly, it will be helpful for decision makers/users (Organizations), when they are going to buy or implement a software project for enhancing their productivity. / This study revolves around the core issue of finding the root causes of software project failure with respect to organizational factors. In this study, I have tried to find the organizational factors contributing towards the failure of software projects. Study is comprises of literature review and questionnaire survey. There could be one or several factors responsible for the software projects failure. I have finalized some important causes of software failure on the basis of literature review and empirical study in chapter two. Further these finalized causes of software project failure are again validated with the help of questionnaire survey in chapter four. I have presented a comprehensive analysis of the gathered data from respondents. For avoiding any aspect of the analysis, I have further added a detailed discussion on data gathered through survey. I have slightly touched the Information Technology with respect to management’s role in software project development. Information Technology is playing a very vital role in today’s organizations for competing on world level. Software failure is the biggest challenge faced by IT as well as business people. In this way, software failure is very important issue for software development firms as well as buyer and user firms. There is strong need to find the root causes of software project failure and mitigate them. In currant age, the effective use of IT is a success factor for any organization. It is only possible if we link IT with organizational goals. Business and IT managers need to learn that how they can measure, manage and justify technology as a business matter. The example of ideal organization is that which gives value to the collaboration, openness, and communication. The insight gain through this research is the basis for describing the solution for software failure problem and it is presented in chapter six (Conclusion and Recommendations) briefly. The concerned parties will be able to get the benefits from this study to avoid the failure problem. The contribution of this research is twofold. First, it will be helpful for the software making professionals/companies and secondly, it will be helpful for decision makers/users (Organizations). Especially, when they are going to buy or implementing a software project for enhancing their productivity.
47

Aplikace dashboardů v oblasti podpory řízení IT / Application of dashboards in the area of support of IT management

Sakař, Václav January 2015 (has links)
This diploma thesis is focused on the issue of IT management in the companies, which is described in the MBI (Management of Business Informatics) model, at all levels of IT management in the way how they are defined and used by MBI. The main goal of this diploma thesis is design and create (new/modified) content in the area of IT management in the MBI model for broader usage of this model in the company sphere. The main goal is fulfilled by fulfilling of two sub-goals. Firstly, it is designing and creating new metrics, dimensions and applications or modification (extension) of already existing content in MBI model. Secondly, it is implementation of new or (selected) modified content with Microsoft PowerPivot into the form of interactive applications and then into the dashboards composed from them. The structure of this diploma thesis is adjusted to make those sub-goals achievable. The structure is divided into theoretical and practical section containing together six main parts. Firstly, the two most widely used methodologies of IT management and mainly MBI model are described. Then the definitions of metric (as a main instrument, which is used in IT management) and its attributes are described. Following section contains definition of dashboards and basic description about their designing and creating. In the last part of the theoretical section are described metrics, dimensions, applications and their connections in the MBI model. First part of practical section is about designing and creating of new metrics, dimensions and applications or modifying of already existing content. The last part of this thesis contains implementation of a new or (selected) modified content into applications or dashboards. Main benefit of this diploma thesis is enrichment of existing content in the MBI model in IT management (specifically in the metrics, the dimensions, the applications and the dashboards based on those three things), which improved usability of the MBI in practical usage. Thanks to this extended content, the users or mainly the management employees can react in better way on the potential problems, have better overview about level of quality of the IT resources, can manage the employees in better way and can coordinate quality and quantity of the IT outputs in better way in general.
48

The new normal for Swedish Municipalities : Assessing the impact of working from home

Rylander, Samuel January 2021 (has links)
The COVID-19 pandemic has had major impacts on public and private life. As organizations are forced to transition to remote work to reduce the spread of the virus, there is a need for researching how employees are affected. This study explores how municipal workers have experienced the transition, by conducting a survey involving five different Swedish municipalities. This study shows that, while overall productivity has generally either increased or remained at pre-transition levels, some aspects have suffered as a result of working from home. Social interactions among co-workers, information sharing, and community building are examples of where the employees felt that something has been lost. This study contributes to research being done on this phenomenon, and gives suggestions for practitioners.
49

Stanovení zásad systému managementu informatiky kompatibilního s ISO 9001:2008 pro malé IS/IT neintenzivní podniky / ISO 9001:2008 compatible IT Management System Specification for IS/IT Non-intensive Small Businesses

Lozan, Petr January 2012 (has links)
Information systems and technologies (IT) are ubiquitous and play a significant role in everyday life of people and enterprises. Even the smallest organisations need to be sure, that their information systems are working properly, appropriately support their operations, are cost-effective and comply with regulations and other requirements. The service-based management approach to management of enterprise IT is the most promoted and widely used. But what if this approach is not equally suitable for enterprises of all sizes? This thesis presents an alternative approach to IT management, directly built on requirements of well-known International Standard ISO 9001:2008. For many people who know and understand ISO 9001 and its requirements, it should be easier to use their knowledge about management of quality for managing of IT than learn and implement IT service management and -- probably -- try to find out how to scale service management down to the environment of limited resources which is typical for small businesses. Author describes ISO 9001 as universal management system model and investigates requirements of ISO 9001:2008 related to information technology. Then attention is aimed to existing International Standards for various aspects of IT governance and management. Text describes main content of ISO/IEC 38500 for IT Governance, ISO/IEC 20000 for service management, selected standards from ISO/IEC 27000 series for information security management and ISO/IEC 19770-1 for software asset management. Next chapter shows mainly approach of COBIT5 and COBIT solutions suitable for small businesses -- COBIT Quickstart and COBIT Security Baseline. Last part of text explains, how ISO 9001:2008 was used and adapted to create the main subject of this thesis -- ISO 9001:2008 compatible IT Management System Specification for IS/IT Non-intensive Small Businesses.
50

Segurança em processamento de dados / Data processing security

Riccio, Edson Luiz 16 October 1981 (has links)
A comunidade empresarial e os profissionais de Sistemas e Processamento de Dados enfrentam atualmente um novo tipo de desafio: A ameaça dos computadores. O crescente volume de computadores e a larga utilização das tecnologias de teleprocessamento e de redes estão levando as organizações à crescente dependencia de sua Estrutura de Informatica e de seu principal produto: os sistemas de informação e os demais elementos a eles associados. Não é dificil constatar que o impacto destas tecnologias tem sido absorvido apenas parcialmente não só por usuários mas tambem pelos profissionais. De fato o desenvolvimento dos computadores não é acompanhado pelo correspondente desenvolvimento dos princípios de Administração de Processamento de Dados. Isso significa que os princípios e normas administrativos e de controle para este tipo de atividade não se encontram no estágio desejado, isto é, não foram estabelecidos princípios e normas definitivos para obter-se uma area de Processamento de Dados completamente segura e confiável. Esta \"janela aberta\" é, como consequência, o caminho mais curto para práticas criminosas e erros generalizados, os quais resultarão em danos ás operações e aos ativos das organizações. O conceito de segurança amplamente utilizado atualmente refere-se mais à segurança física e não inclui todos os componentes de uma área de Processamento de Dados, como deveria ser compreendida, a saber: a) As instalações físicas - Incluindo equipamentos, softwares, instalações, equipamentos auxiliares, linhas telefonicas, etc. b) Os sistemas de informação por computador (sistemas \"batch\" tradicionais) c) Os Sistemas de Informação por computador que utilizam tecnologias avançadas tais como Banco de Dados e Comunicação de Dados Neste estudo propõe-se que o conceito de segurança seja extendiido a todos os elementos do ambiente de processamento de dados, como um fator que contribui para sua integridade e eficácia. Este trabalho contribui para o estudo da administração em Processamento de Dados pois apresenta, para cada elemento de uma área de Processamento de Dados as causas de ameaças e os controles mais importantes na redução do impacto dessas causas. / The business community and the Data Processing and Information Systems professionals are facing today a new kind of challenge: the Computer threat. The increasing number of installed computers and the large utilization of teleprocessing and networking techniques are pushing the organizations to be greatly dependent on the Information Processing Facility and its final product: the computerized information systems and the associated environment. It is not very difficult to verify that the impact of this fast growing technology has been only partially absorbed not only by users but also by the computer professionals. In fact, the computer development is not being followed by the corresponding development of the Data Processing Administration Principles. This means that the control and administration guidelines for this type of activity are not in the desirable stage, i.e., no final conclusions have been set up on how to obtain a completely secure and reliable Data Processing Installation. This open Window is, as a consequence, the shortest way for criminal practices and generalized errors which will result in the damage of the organizations assets and operations. The concept of security largely used today refers mostly to the physical security and does not cover all the components of the Data Processing Installation as it should be understood: a) The Physical Installation - including the hardware, software, lay-out, auxiliary equipment, telephone lines , etc.. b) The computerized information system (formal batch system) c) The computerized information systems using advanced techniques such as Data Base and Data Communication. d) The Process of Information Systems Development (Methodology) In this study, we propose that the concept of security be extended to all the elements of the Data Processing environment, as a basic factor which contributes to its integrity and effectiveness. As a contribution to the study of the Data Processing Administration, we present, for each element, the most critical causes of exposures and the most important controls which may reduce the impact of these causes.

Page generated in 0.0616 seconds