INFORMATION SECURITY IN AGILE SOFTWARE DEVELOPMENT PROJECTS A CR.pdf (364.82 kB)

Information Security in Agile Software Development Projects: A Critical Success Factor Perspective

Download (364.82 kB)
conference contribution
posted on 14.10.2020 by Nathan Newton, Craig Anslow, Andreas Drechsler
© 27th European Conference on Information Systems - Information Systems for a Sharing Society, ECIS 2019. All rights reserved. The importance of information security in software development projects is long recognised, with many comprehensive standards and procedures in use to provide assurance of information security. The agile development paradigm conflicts with traditional security assurance by emphasising the delivery of functional requirements and a reduction in structured and linear development styles. Through a series of thirteen qualitative interviews, this study identifies practices that address this problem which have been successfully adopted by agile practitioners. The findings present four categories of practices - organisational, team, project, and technical - and twelve critical success factors that should be explicitly considered by practitioners to assure agile security. The critical success factors provide a foundation for practitioners to strategically identify and develop best practices to embed information security in agile development projects. The identified categories also highlight the importance of agile security practices centring around individuals and culture and contributes to the literature by providing a representation of agile security practices that encompasses a broad range of focal areas.

Funding

ECIS 2019 - Sweden - June 2019 | Funder: COMMERCE

History

Preferred citation

Newton, N., Anslow, C. & Drechsler, A. (2019, January). Information Security in Agile Software Development Projects: A Critical Success Factor Perspective. In 27th European Conference on Information Systems - Information Systems for a Sharing Society, ECIS 2019 European Conference on Information Systems, Stockholm.

Conference name

European Conference on Information Systems

Conference Place

Stockholm

Title of proceedings

27th European Conference on Information Systems - Information Systems for a Sharing Society, ECIS 2019

Contribution type

Published Paper

Publication or Presentation Year

01/01/2019

Publication status

Published

Exports

Logo branding

Categories

Exports