Information Technology Reference
In-Depth Information
Implementation Project
Quality
M
anage
m
ent
Acceptance
Coordination
Security
M
anage
m
ent
Request/Change
M
anage
m
ent
Release
Scheduling
Data
M
anage
m
ent
Initial Upload
M
igrations
Operation / Interface Operations
Fig. 9.1 Organisational positioning of security management
9.3
Information and Communication Security
IT security plays a major role, when systems are implemented. It can be regarded as
a stand-alone subject or be part of IT quality management in general. Even if a
separate IT quality organisation exists, mutual connections and interdependencies
are so multiple that the one cannot be considered without the other. IT quality
management is a precondition for a clean implementation of security measures.
On the other hand: without consideration of security aspects there will be no sustain-
ability in quality control.
Figure
9.1
shows the relationship between IT quality management and IT
security in an overall project:
The compliance to security requirements depends on the strategic placement of
these tasks in a company as a whole. It will be outlined, which preconditions have to
be initiated for this role. Important is the involvement of all project stakeholders.
9.3.1 Strategic Involvement
IT security management is part of the overall security management for the whole
company—all other material and immaterial goods as well as all employees. As
such IT security management should be integrated methodically into the general
