Stakeholder Contexts and Industry Standards: ISO/IEC 38500 IT Governance, but then an IT Compliance Framework
ISO / IEC 38500 IT Governance ^ Compliance
In information technology, standards for administration and enforcement of general applications are related to the International Organization for Standardization, or ISO, and the International Electrotechnical Commission, or IEC. The ISO/IEC 38500 IT governance and compliance framework is such a standard. According to A. L. Holt (2013), directors and senior officers understanding their responsibility for governing information technology systems addresses three issues: procured system integration, responding to legislative requirements for storing personal data, and documentation (Part A, Sec. 3).
SMEs Linked to Measurable Successful Outcomes
With regard to small and medium-sized enterprises, or SMEs, Olaitan Olutoyin and Stephen Flowerday suggested that the IT governance structure and the operational governance processes are linked to measurable successful outcomes by three key pillars (2016). Olutoyin and Flowerday (2016) said that the three key pillars mentioned technology context of the enterprise, organizational context, and environmental context.
A O (n^2) Rate of Dangerous Change: Converting Target and Legacy Systems
On tangential rhetoric, a possible derivation of the collaborative research comments by Olutoyin and Flowerday is that the narrative of stakeholder involvement related to information technology governance frameworks and networking technology (link) implementations is quantifiable. In exposition, Satyam Tyagi (2016) reflecting that compromising a single low privilege user resulting in the entire Target enterprise compromised indicates Target not understanding legislative requirements for storage data involving integrating more secure systems and documentation for the legacy systems. Therefore, the worst-case is defending each low privilege user. The even worse case that should be replaced is probably a criminal hacker, a cracker, gaining access to any a parallelized system looping with the first loop getting the maximum user accounts then the inner loop injecting the malware used in the hack Tyagi reported in 2016: this is a worse case of n^2. Target’s situation contains similarity to Israel before Christ’s arrival regarding Achan (NIV, Jos 7:13). In response, Target would benefit from demarcating legacy systems that do not enable industry-standard security integrations (link).
Anonymous. (2016). JOBS MARKET: Me and my job. SC Magazine, 27(6), 15.
Holt, A. L., Safari Books Online (Firm), & Books24x7, I. (2013). Governance of IT: An executive guide to ISO/IEC 38500. Swindon, UK: BCS, The Chartered Institute for IT. Olutoyin, O., & Flowerday, S. (2016). Successful IT governance in SMES: An application of the technology-organisation-environment theory. South African Journal of Information Management, 18(1), 1-8. doi:http://0- dx.doi.org.library.regent.edu/10.4102/sajim.v18i1.696