Business Intelligence Management Studies

Current Issue

By Issue

By Author

By Subject

Author Index

Keyword Index

About Journal

Aims and Scope

Publication Ethics

Indexing and Abstracting

Related Links

FAQ

Peer Review Process

Journal Metrics

News

Memorandum of Understanding

Article Writing Guide

Files

Reviwers (2020)

Reviwers2022

Consultants

4 - Reviewers 2023

Publons

The Role of Implementation of Service Management and Security Frameworks in Information Technology Service Continuity

Authors

1 Ph.D. Student, IT Management, faculty of management and accounting, Allameh Tabataba'i, University, Tehran (Corresponding Author: Jafarnezhad.sany@gmail.com

2 Faculty Member, Department of Industrial Management, Allameh Tabataba'i University, Tehran

Abstract

Competitive business environment and high dependency to the services has caused organizations to be evaluated based on the level of their ability in providing continuous services. Information Technology (IT) service continuity management discusses the capabilities of the organization to maintain an acceptable and predetermined level of IT services to support business requirements in the event of an incident. Information security management, while minimizing disruptions to business and IT Infrastructure Library (ITIL), is an appropriate structure for organizations that deliver IT services to their customers with the aim of supporting business processes. The aim of this study is to identify factors affecting the continuity of IT services. After a thorough literature review, a questionnaire was prepared using a five-point Likert scale and handed to 8 experts. The questionnaire was verified by experts in the field and then was sent to 60 IT experts of the organizations and companies. After analyzing the results, the identified factors were confirmed and the main research hypothesis - the impact of the implementation of the ITIL and the information security management system on the continuity of the IT services- was confirmed.

Keywords

References
باقراسماعیلی، ه.، (1388). سنجش همسویی استراتژیک کسب‌وکار و فناوری اطلاعات پس از پیاده­سازی چارچوب ITIL. پایان‌نامه کارشناسی ارشد، دانشگاه صنعتی شریف.
بانشی، ز.، و وزیری، ع.، (1388). استاندارد بین‌المللی مدیریت و راهبری سرویس فناوری اطلاعات 20000 ISO/ITIL.. دومین کنفرانس بین‌المللی شهرداری الکترونیکی.
خالقی، م.،(1383). راهنمای پیاده‌سازی سیستم مدیریت امنیت اطلاعات، مرکز تحقیقات مخابرات ایران.
صادقی، ا.، (1390).تحلیل فاصله وضعیت مدیریت خدمات فناوری اطلاعات در موسسه تحقیقاتی صنعتی مترا، نسبت به نسخه سوم چارچوب ITIL، پایان­نامه کارشناسی ارشد، دانشگاه علامه طباطبائی.
فکری ازگمی، ک.، (1390). تحلیل فاصله مدیریت امنیت موسسه تحقیقاتی صنعتی مترا نسبت به استاندارد سیستم مدیریت امنیت اطلاعات ایزو 27001 با استفاده از رویکرد فازی، پایان­نامه کارشناسی ارشد، دانشگاه علامه طباطبائی.
کریمی بلان، زهرا، 1388، الگوی نظام مدیریت استمرار خدمات فناوری اطلاعات بر اساس ITIL، دومین کنفرانس بین‌المللی شهر الکترونیک، تهران، پژوهشکده فناوری اطلاعات و ارتباطات جهاد دانشگاهی، شهرداری تهران.
محمدنژاد, م و صبوحی ب، ۱۳۹۵، بررسی اهمیت سیستم مدیریت امنیت اطلاعات و استانداردهای آن، سومین کنفرانس جهانی مدیریت، اقتصاد حسابداری و علوم انسانی در آغاز هزاره سوم، شیراز، با همکاری مشترک موسسه آموزش عالی علامه خویی دانشگاه زرقان-واحد پژوهش دانش‌پژوهان همایش آفرین.
یداللهی، م.، (1391). مدلی جهت سنجش میزان آمادگی سازمان برای پیاده­سازی سیستم مدیریت تداوم کسب‌وکار بر اساس استاندارد جهانی BS 25999. پایان­نامه کارشناسی ارشد، دانشگاه علامه طباطبائی.
یوسفی، ع.، (1396). بررسی تأثیر پیاده‌سازی ITIL بر بهبود مدیریت خدمات فناوری اطلاعات (مطالعه موردی: بانک توسعه تعاون). پایان‌نامه کارشناسی ارشد، دانشگاه پیام نور.
BCI. (2010). The Business Continuity Institute Good Practice Guidelines, a Management Guide to Implementing Global Good Practice in Business Continuity Management. Business Continuity Institute, London.
Eloff, J.H.P., and Eloff, M.M. (2005). Information Security Architecture. Computer Fraud & Security, 11, 10-16.
Gërvalla, M., Preniqi, N., & Kopacek, P. (2018). IT Infrastructure Library (ITIL) framework approach to IT Governance. IFAC-PapersOnLine, 51(30), 181-185.
Hou, Y., Gao, P., & Nicholson, B. (2018). Understanding organisational responses to regulative pressures in information security management: the case of a Chinese hospital. Technological Forecasting and Social Change, 126, 64-75.
ISO 27000 Directory. (2011). An Introduction to ISO 27001, ISO 27002.ISO 27008 Retrieved June 2011 from : http://www.27000.org
ISO/IEC15504. (2011). In Wikipedia, the free encyclopedia. Retrieved June 10, 2011, from: http://en.wikipedia.org/wiki/ISO/IEC_15504.
ISO/IEC20000-1. (2011). ISO/IEC 20000-1 Information technology - Service management - Part 1: Service management system requirements, April 2011.
ISO19770. (2011). ISO19770 Software Asset Management Processes. Retrieved  jun 10, 2011, from: http://www.iso19770.com/.
ITIL Books. (2011). The ITIL Toolkit. Retrieved jun 10, 2011 from: http://www.itil.org.uk/kit.htm
ITIL HELP (2005). What is BS15000?, Whitepaper, September 2005.  Retrieved from: www.bestpracticehelp.com/Whats_BS15000.pdf
ITIL. (2011). In Wikipedia, the free encyclopedia. Retrieved June 10, 2011, from: http://en.wikipedia.org/wiki/ITIL
Järveläinen, J. (2013). IT incidents and business impacts: Validating a framework for continuity management in information systems. International Journal of Information Management, 33(3), 583-590.
Karabacak, B., and Sogukpinar, I. (2006). A quantitative method for ISO 17799 gap analysis. Computers & Security, 25, 413-419.
 Ma, Q. (2004). Theoretical and design issues for a computer assisted vocabulary learning program: WUFUN. Proceedings from CALL 2004 : the Eleventh International Computer-Assisted Language Learning Conference (pp. 241-251). Antwerp, Belgium : University of Antwerp. 2-6 sep 2004.
Menken, I.(2008), IT Service Continuity Management and Disaster Recovery Best Practice Handbook, Emereo Pty Ltd,.
OGC. (2007). The official introduction to the ITIL service lifecycle. London: TSO.
Rabbani, M., Soufi, H. R., & Torabi, S. A. (2016). Developing a two-step fuzzy cost–benefit analysis for strategies to continuity management and disaster recovery. Safety Science, 85, 9-22.
Sahibudin, S., Sharifi, M., & Ayat, M. (2008, May). Combining ITIL, COBIT and ISO/IEC 27002 in order to design a comprehensive IT framework in organizations. In 2008 Second Asia International Conference on Modelling & Simulation (AMS) (pp. 749-753). IEEE.
Sirisomboonsuk, P., Gu, V. C., Cao, R. Q., & Burns, J. R. (2018). Relationships between project governance and information technology governance and their impact on project performance. International journal of project management, 36(2), 287-300.
Torabi, S. A., Giahi, R., & Sahebjamnia, N. (2016). An enhanced risk assessment framework for business continuity management systems. Safety science, 89, 201-218.
Torabi, S. A., Soufi, H. R., & Sahebjamnia, N. (2014). A new framework for business impact analysis in business continuity management (with a case study). Safety Science, 68, 309-323.
Van de Walle, B., & Rutkowski, A. F. (2006). A fuzzy decision support system for IT service continuity threat assessment. Decision support systems, 42(3), 1931-1943.
Von solms, R., and Von solms, SH. (2006a). Information Sarurity Governance: A model based on the Direct-Control Cycle. computers & security, 25, 408-412.
Von solms, R., and Von Solms, SH. (2006b). Information security governance: Due care. computers & security, 25, 494-497.
Zsidisin, G.A., Melnyk, S.A., Ragatz, G.L., 2005. An institutional theory perspective of business continuity planning for purchasing and supply management. Int. J. Prod. Res. 43 (16), 3401–3420.
Business Intelligence Management Studies
Volume 8, Issue 30
January 2020
Pages 33-54
Files
History
  • Receive Date: 18 January 2020
  • Accept Date: 18 January 2020
Share
How to cite
Statistics