| Περίληψη: | Purpose – This paper seeks to provide an overview of the major technical, organizational and legal
issues pertaining to the outsourcing of IS/IT security services.
Design/methodology/approach – The paper uses a combined socio-technical approach to explore
the different aspects of IS/IT security outsourcing and suggests a framework for accommodating
security and privacy requirements that arise in outsourcing arrangements.
Findings – Data protection requirements are a decisive factor for IS/IT security outsourcing, not only
because they pose restrictions to management, but also because security and privacy concerns are
commonly cited among the most important concerns prohibiting organizations from IS/IT
outsourcing. New emerging trends such as outsourcing in third countries, pose significant new
issues, with regard to meeting data protection requirements.
Originality/value – The paper illustrates the reasons for which the outsourcing of IS/IT security
needs to be examined under a different perspective from traditional IS/IT outsourcing. It focuses on
the specific issue of personal data protection requirements that must be accommodated, according to
the European Union directive. |
|---|
English