- Home
- →
- Producció científica
- →
- Articles
- →
- Ciències Matemàtiques i Informàtica
- →
- View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Mesquida, A. | |
| dc.contributor.author | Mas, A. | |
| dc.date.accessioned | 2024-10-17T06:29:30Z | |
| dc.date.available | 2024-10-17T06:29:30Z | |
| dc.identifier.uri | http://hdl.handle.net/11201/166415 | |
| dc.description.abstract | [eng] The ISO/IEC 15504 international standard can be aligned with the ISO/IEC 27000 information security management framework. During the research conducted all the existing relations between ISO/IEC 15504-5 software development base practices and ISO/IEC 27002 security controls have been analysed and the ISO/IEC 15504 Security Extension has been developed. This extension details the changes that software companies should make in the software lifecycle processes for the successful implementation of the related security controls. To attain our research objectives, we evaluate the ISO/IEC 15504 Security Extension through case studies in a sample of software development organizations. This study follows the design science research paradigm that is based on constructive research. | |
| dc.format | application/pdf | |
| dc.relation.isformatof | https://doi.org/10.1016/j.cose.2014.09.003 | |
| dc.relation.ispartof | 2015, vol. 48, p. 19-34 | |
| dc.rights | , 2015 | |
| dc.subject.classification | 004 - Informàtica | |
| dc.subject.classification | 62 - Enginyeria. Tecnologia | |
| dc.subject.other | 004 - Computer Science and Technology. Computing. Data processing | |
| dc.subject.other | 62 - Engineering. Technology in general | |
| dc.title | Implementing information security best practices on software lifecycle processes: The ISO/IEC 15504 Security Extension | |
| dc.type | info:eu-repo/semantics/article | |
| dc.type | info:eu-repo/semantics/ | |
| dc.date.updated | 2024-10-17T06:29:30Z | |
| dc.subject.keywords | Information security management systems | |
| dc.subject.keywords | ISO/IEC 27002 | |
| dc.subject.keywords | Software Process Improvement (SPI) | |
| dc.subject.keywords | ISO/IEC 15504 (SPICE) | |
| dc.rights.accessRights | info:eu-repo/semantics/openAccess | |
| dc.identifier.doi | https://doi.org/10.1016/j.cose.2014.09.003 |
Files in this item
