Hantering av IT-incidenter : En fallstudie på ICAs IT-avdelning Operations

Lindström, Lena-Maria, Karlsson, Anna, Wretlund, Magnus

January 2008

<p> </p><p><strong>Date: </strong>2008-10-06</p><p><strong></strong></p><p><strong>Level: </strong>Bachelor thesis within Information Technology and business economics, 15p, EIK021</p><p><strong></strong></p><p><strong>Authors:</strong> Anna Karlsson, akn05009@student.mdh.se</p><p>Lena-Maria Lindström, llm05002@student.mdh.se</p><p>Magnus Wretlund, mvd05001@student.se</p><p><strong></strong></p><p><strong>Tutor: </strong>Marie Mörndal</p><p> </p><p><strong>Title: </strong>Managing IT-incidents, a case study at ICAs IT department                            Operations</p><p><strong></strong></p><p><strong>Keywords:</strong> IT-incident management, IT-incident management process, IT-incident, ITIL, CCTA</p><p> </p><p><strong>Problem: </strong>An organization can benefit by having an established management process of handling IT-incidents. But how can this be achieved? Are there step-by-step procedures? What´s included in the management process of IT-incidents? Is the size of the organization relevant to which model is to be chosen? Can the work of the writers of this essay result in a recommendation of a specific model for IT-incident management? These questions lead to the following essay question; <strong>How are IT-incidents managed?</strong></p><p><strong>Purpose: </strong>The purpose of this thesis is to describe and discuss how IT incidents can be managed.</p><p><strong>Method:</strong> The writers of this essay have performed a case study at ICA, a Swedish food retail company. Eleven interviews with nine different persons have been carried out. The interviews are analyzed in the chapter called Resultat och analys.</p><p><strong>Conclusion: </strong>Our conclusion is that there are both similarities and differences in Dept. Operations´ management process for handling IT-incidents compared to what is stated in the CCTA-model. Another conclusion is that it is of highest importance for a business to implement a standard procedure for handling IT-incidents. The lack of such a model could result in e.g. financial losses.</p>

Informatics

Informatik

Hantering av IT-incidenter : En fallstudie på ICAs IT-avdelning Operations

Lindström, Lena-Maria, Karlsson, Anna, Wretlund, Magnus

January 2008

Date: 2008-10-06 Level: Bachelor thesis within Information Technology and business economics, 15p, EIK021 Authors: Anna Karlsson, akn05009@student.mdh.se Lena-Maria Lindström, llm05002@student.mdh.se Magnus Wretlund, mvd05001@student.se Tutor: Marie Mörndal   Title: Managing IT-incidents, a case study at ICAs IT department                            Operations Keywords: IT-incident management, IT-incident management process, IT-incident, ITIL, CCTA   Problem: An organization can benefit by having an established management process of handling IT-incidents. But how can this be achieved? Are there step-by-step procedures? What´s included in the management process of IT-incidents? Is the size of the organization relevant to which model is to be chosen? Can the work of the writers of this essay result in a recommendation of a specific model for IT-incident management? These questions lead to the following essay question; How are IT-incidents managed? Purpose: The purpose of this thesis is to describe and discuss how IT incidents can be managed. Method: The writers of this essay have performed a case study at ICA, a Swedish food retail company. Eleven interviews with nine different persons have been carried out. The interviews are analyzed in the chapter called Resultat och analys. Conclusion: Our conclusion is that there are both similarities and differences in Dept. Operations´ management process for handling IT-incidents compared to what is stated in the CCTA-model. Another conclusion is that it is of highest importance for a business to implement a standard procedure for handling IT-incidents. The lack of such a model could result in e.g. financial losses.

Information Systems

Är du beredd när det smäller? : Utmaningar inom incidenthantering med fokus på IT-konsultbolag

Nyman, Maja

January 2018

Information security incident management is important for organizations and its importance is increasing. Information security incidents are increasing both in number and in scope and in 2018 GDPR and the NIS-directive require organizations to report incidents to a supervision authority. This study highlights IT-consulting companies and their vulnerable position as subcontractors. The study aims to address the lack of empirical research in incident management and to inform future theory development. The goal of the study is to answer the research questions (1) what challenges do IT-consultancy companies experience with their incident management? (2) What challenges are specifically related to the GDPR and the NIS-directive? And (3) what challenges are specific for consulting companies? Challenges with the incident management are identified and clarified by qualitative interviews with experts and a survey. The analysis of the results shows that some of the challenges are consistent with previous studies, while some are new and that the survey partly support the experts' opinions. The conclusion of the study is that the majority of the companies’ improvement opportunities are linked to internal and external communication, cost focus, absence of a major incident, awareness, GDPR, the role of consulting company and internationally recognized difficult activities. The research contribution of the study consists of identified challenges in the field of incident management derived from IT-consultancy companies. The result of the study are recommended to IT-consultancy companies that would like to improve their incident management process by gaining an understanding of incident management issues. / En väl fungerande process för incidenthantering är och blir allt viktigare för organisationer. Informationssäkerhetsincidenter ökar både i antal och i omfattning och 2018 träder GDPR och NIS-direktivet i kraft med krav på rapportering av utpekade incidenter till en tillsynsmyndighet. Denna studie belyser IT-konsultbolag och deras utsatta position som underleverantör och syftar till att adressera bristen av empirisk forskning inom incidenthantering och att bidra till en framtida teoriutveckling. Målet med studien är att besvara forskningsfrågorna (1) vilka utmaningar upplever IT-konsultbolag med deras incidenthantering? (2) vilka utmaningar är specifikt relaterade till GDPR och NIS-direktivet? och (3) vilka utmaningar och är specifika för just konsultbolag? Resultatet bygger på kvalitativa intervjuer med experter och en enkätundersökning och resultatet identifierar och tydliggör upplevda utmaningar med bolagens incidenthantering. Analysen av resultatet visar att vissa av bolagens utmaningar överensstämmer med tidigare studier medan vissa är nya och att enkätundersökningen till viss del stödjer experternas utlåtanden. Slutsatsen av studien är att bolagen har flertalet utvecklings- och förbättringsmöjligheter som är kopplade till intern och extern kommunikation, kostnadsfokus, avsaknad av en större incident, medvetenhet, GDPR, rollen som konsultbolag och internationellt erkända svåra aktiviteter. Studiens forskningsbidrag består av identifierade utmaningar inom området incidenthantering hos IT-konsultbolag och resultatet av studien rekommenderas till IT-konsultbolag som, genom att få en förståelse av incidenthanteringens problematik, vill förbättra och utveckla sin process för hantering av incidenter.

Incident

information security incident management

IT-consultancy companies

GDPR.

Incident

GDPR

incidenthanteringsprocess

förbättringsmöjligheter

Övrig annan teknik