Aligning Information Security with the Image of the Organization and Prioritization Based on Fuzzy Logic for the Industrial Automation Sector

Authors

  • André Marcelo Knorst Coester Automação Ltda
  • Adolfo Alberto Vanti UNISINOS
  • Rafael Alejandro Espín Andrade Universidade Técnica de Havana
  • Silvio Luiz Johann Fundação Getúlio Vargas

DOI:

https://doi.org/10.4301/s1807-17752011000300003

Keywords:

security, information, organizational culture, images, compensatory fuzzy logic

Abstract

This paper develops the strategic alignment of organizational behavior through the organizations´ image, prioritization and information security practices. To this end, information security is studied based on the business requirements of confidentiality, integrity and availability by applying a tool which integrates the strategic, tactical and operational vision through the following framework: Balanced Scorecard - BSC (strategic) x Control Objectives for Information and Related Technology - COBIT (tactical) x International Organization for Standardization - ISO/International Electro Technical Commission - IEC27002 (operational). Another image instrument of the organization is applied in parallel with this analysis to identify and analyze performance involving profiles related to mechanistic, psychic prisons, political systems, instruments of domination, organisms, cybernetics, flux and transformation (MORGAN, 1996). Finally, a model of strategic prioritization, based on compensatory fuzzy logic (ESPIN and VANTI, 2005), is applied. The method was applied to an industrial company located in southern Brazil. The results with the application show two organizational images: "organism" and "flux and transformation ". The strategic priorities indicated a significant search for new business services and international markets. Regarding protection of information, security found the gap between "minimum" and "Reasonable" and in domain 8 (HR) of standard ISO/IEC27002, considered 71% protection as "inappropriate" and "minimal" in the IT Governance context.

Author Biographies

André Marcelo Knorst, Coester Automação Ltda

André Marcelo Knorst,Gerente de TI-CoesterAutomação Ltda. Mestre em Administração – UNISINOS, Bacharel em Sistemas de Informação – UNISINOS.

Adolfo Alberto Vanti, UNISINOS

Adolfo Alberto Vanti, Doutor em Direção de Empresas Universidade de DEUSTO – País Vasco – Espanha. Professor Titular do Programa de Doutorado e Mestrado em Administração e do Mestrado em Ciências Contábeis da Unisinos

Rafael Alejandro Espín Andrade, Universidade Técnica de Havana

Rafael Alejandro Espín Andrade, Professor Titular do Centro de Estudos de Tecnologia de Direção da Universidade Técnica de Havana. Matemático e Doutor em Engenharia - Tribunal Nacional Científico de Cuba.

Silvio Luiz Johann, Fundação Getúlio Vargas

Silvio Luiz Johann, Fundação Getúlio Vargas

Downloads

Published

2011-12-28

How to Cite

Knorst, A. M., Vanti, A. A., Andrade, R. A. E., & Johann, S. L. (2011). Aligning Information Security with the Image of the Organization and Prioritization Based on Fuzzy Logic for the Industrial Automation Sector. Journal of Information Systems and Technology Management, 8(3), 555–580. https://doi.org/10.4301/s1807-17752011000300003

Issue

Section

Articles