IT operates in dynamic environments with the need always to change and adapt. There is a need to improve performance. Many gaps were found when we conduct the IT audit and we tried to seek to close gaps in capabilities. One way to the close these gaps is the adoption of good practices in wide industry use. There are several sources for good practices including public frameworks and standards su...

Compliance with law, industry standards, and corporate governance regulations are one of the driving factors for discovering security requirements. This paper aims to incorporate constraints from regulations through security requirements at an early stage of development. Constraints are extracted using a pattern based approach from legal texts of information security laws and policies derived f...

This paper describes different proposals made at UNED, for post-graduated students, at the area of IT Services Management and specially trying to fill the gap, of paramount importance, of the treatment due in ITIL® (Information Technology Infrastructure Library) to Information Security Management. We analyze the treatment given to Information Security Management in ITIL, both versions 2 and 3, ...

There are various IT frameworks and best practices supporting Information Systems. Each has its own strenghts but none of them satisfies all of the IS requirements independently. In this paper we are studying the possibilities of pooling of the most used frameworks: ITIL, Cobit, PMbok, CMMI, ISO 27001, Val IT and eTOM. The result of this paper is meant to present a Unified Maturity Model combin...