IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Enterprise Architecture as Context and Method for Designing and Implementing Information Security and Data Privacy Controls in Government Agencies

Enterprise Architecture as Context and Method for Designing and Implementing Information Security and Data Privacy Controls in Government Agencies
View Sample PDF
Author(s): Scott Bernard (Carnegie Mellon University, USA) and Shuyuan Mary Ho (Syracuse University, USA)
Copyright: 2009
Pages: 31
Source title: Advances in Government Enterprise Architecture
Source Author(s)/Editor(s): Pallab Saha (National University of Singapore, Singapore)
DOI: 10.4018/978-1-60566-068-4.ch015

Purchase


Abstract

Government agencies are committing an increasing amount of resources to information security and data privacy solutions in order to meet legal and mission requirements for protecting agency information in the face of increasingly sophisticated global threats. Enterprise Architecture (EA) provides an agency-wide context and method that includes a security sub-architecture which can be used to design and implement effective controls. EA is scalable, which promotes consistency and alignment in controls at the enterprise, program, and system levels. EA also can help government agencies improve existing security and data privacy programs by enabling them to move beyond a system-level perspective and begin to promote an enterprise-wide view of security and privacy, as well as improve the agility and effectiveness of lifecycle activities for the development, implementation, and operation of related security and privacy controls that will assure the confidentiality, integrity, and availability of the agency’s data and information. This chapter presents the EA3 “Cube” EA methodology and framework, including an integrated security architecture, that is suitable for use by government agencies for the development of risk-adjusted security and privacy controls that are designed into the agency’s work processes, information flows, systems, applications, and network infrastructure.

Related Content

Margee Hume, Paul Johnston. © 2017. 19 pages.
Jessy Nair, D. Bhanu Sree Reddy. © 2017. 27 pages.
Joseph R. Muscatello, Diane H. Parente, Matthew Swinarski. © 2017. 19 pages.
Klaus Wölfel. © 2017. 33 pages.
Rui Pedro Marques. © 2017. 21 pages.
Ebru E. Saygili, Arikan Tarik Saygili. © 2017. 17 pages.
Aparna Raman, D. P. Goyal. © 2017. 41 pages.
Body Bottom