Change search
ReferencesLink to record
Permanent link

Direct link
Towards an Integrated Framework for Quality and Information Security Management in Small Companies
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering.
2016 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

This master thesis elaborates the construction of an integrated framework for the simultaneous initiation of quality management and information security management within micro and small enterprises. Called QISMO, the model collection consists of three parts: (1) a holistic framework as structure dedicated to achieving a shared understanding among key stakeholders concerned about relations and dependencies, (2) a reference process model for visualising the entire process with the activities related, and (3) a lifecycle model for illustrating the process loop and for clarifying specific phases therein. This study offers an analysis of alternative approaches that results in premises and requirements adapted to micro and small enterprises. Furthermore, major barriers to the improvement of quality and information security management of micro and small enterprises are identified in this study. These include miscalculation of risks, lack of competence, and absence of structured processes. Aside from valuable insights for further development of enhanced training programs, the study contributes a comprehensive analysis of standards and good practices within the field of IT governance. Moreover, the study shares a concrete reference process model that is adapted to the preconditions of micro and small enterprises. These preconditions are acquired throughout the study. The proposition is to provide a basis for the further improvement of business processes and the models related to them, both in practice and in research.

Place, publisher, year, edition, pages
Keyword [en]
Quality Management, Information Security Management, Information Systems Modelling, Reference Process Modelling, BISE, BPMN
National Category
Engineering and Technology
URN: urn:nbn:se:ltu:diva-327OAI: diva2:973908
Educational program
Information Security, master's level
Available from: 2016-09-23 Created: 2016-09-23 Last updated: 2016-10-05Bibliographically approved

Open Access in DiVA

fulltext(919 kB)1 downloads
File information
File name FULLTEXT02.pdfFile size 919 kBChecksum SHA-512
Type fulltextMimetype application/pdf

By organisation
Department of Computer Science, Electrical and Space Engineering
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar
Total: 2 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 17 hits
ReferencesLink to record
Permanent link

Direct link