Description: |
Since the end of the 1980s, there have been several initiatives to control and manage enterprise IT environments. ITIL is one of the more successful models and COBIT another, accompanied by others such as British Petroleum’s OBASHI model. However, thanks to the IP protocol and the Internet, since mid-2000 the world has seen a veritable data explosion that affects IS governance, with singular IS systems now integrated. Some recent predictions expect current data volumes to grow more than 10 times by 2020, with serious implications for both governance and IT security. Additionally, we see some new EU regulations, primarily the new General Data Protection Regulation (GDPR), implemented in May 2018. This directly affects the scope of IS governance within the European Union and for non-European entities handling EU citizens’ personal data, with substantial fines for non-compliance. The regulation forces anyone handling personal data to consider information strategies that include big data management, IS governance, and information security as a convoluted context, a governance package, rather than each by itself. This creates a need for a paradigm shift to remediate or mitigate identified limitations in today’s traditional governance models. This paper discusses governance from a holistic and agile perspective, based on the overall data flow, as per the requirements of GDPR. These are issues that were not envisioned when today’s IS governance models were designed, not even in their latest releases. This paper was presented at the IRIS41 Nordic conference in Informatics. The paper was a conference seminar discussion paper, under blind peer review and group discussions. Only 9 out of some 30 papers made the final compilation "SELECTED PAPERS OF THE IRIS, ISSUE NR 9 (2018)" by AIS. This paper was not selected and was thus published via Diva. |