Information Security in Agile Software Development Projects: A Critical Success Factor Perspective
conference contribution
posted on 2020-10-14, 04:07 authored by Nathan Newton, Craig AnslowCraig Anslow, Andreas DrechslerAndreas Drechsler© 27th European Conference on Information Systems - Information Systems for a Sharing Society, ECIS 2019. All rights reserved. The importance of information security in software development projects is long recognised, with many comprehensive standards and procedures in use to provide assurance of information security. The agile development paradigm conflicts with traditional security assurance by emphasising the delivery of functional requirements and a reduction in structured and linear development styles. Through a series of thirteen qualitative interviews, this study identifies practices that address this problem which have been successfully adopted by agile practitioners. The findings present four categories of practices - organisational, team, project, and technical - and twelve critical success factors that should be explicitly considered by practitioners to assure agile security. The critical success factors provide a foundation for practitioners to strategically identify and develop best practices to embed information security in agile development projects. The identified categories also highlight the importance of agile security practices centring around individuals and culture and contributes to the literature by providing a representation of agile security practices that encompasses a broad range of focal areas.
Funding
ECIS 2019 - Sweden - June 2019 | Funder: COMMERCE
History
Preferred citation
Newton, N., Anslow, C. & Drechsler, A. (2019, January). Information Security in Agile Software Development Projects: A Critical Success Factor Perspective. In 27th European Conference on Information Systems - Information Systems for a Sharing Society, ECIS 2019 European Conference on Information Systems, Stockholm.Conference name
European Conference on Information SystemsConference Place
StockholmTitle of proceedings
27th European Conference on Information Systems - Information Systems for a Sharing Society, ECIS 2019Contribution type
Published PaperPublication or Presentation Year
2019-01-01Publication status
PublishedUsage metrics
Categories
No categories selectedKeywords
Licence
Exports
RefWorksRefWorks
BibTeXBibTeX
Ref. managerRef. manager
EndnoteEndnote
DataCiteDataCite
NLMNLM
DCDC