A Personal Data Audit Method through Requirements Engineering
Thomas van Eerden
Authors: Miguel A. Martínez, Joaquín Lasheras, Eduardo Fernández-Medina, Ambrosio Toval, Mario Piattini. All have an academic background in Spain.
Introduction: A method that systematizes the audit of information security systems. Focus: sensitive data; health information systems; information from the government (about you); police reports; etc.
Name: Personal Data Audit Method based on Requirements Engineering (PDA-RA). It checks requirements.
Main Phases & Roles: 1. Previous analysis of the situation. 2. System verification audit. 3. System testing. 4. Final interview and writing of the final report. Roles: audit client, security audit team, security manager.
Related literature: Based on Requirements Engineering & CobiT. CobiT: a framework to help organizations align information technology with business goals (Ridley, Young & Carroll, 2004). Requirements engineering: developing requirements, analysing the problem, documenting and observing, checking for accuracy.
Related literature: Downside of RE: non-functional requirements. Requirements can conflict with each other: you want high performance and you set a low budget.
Process Deliverable Diagram
Example