Open Access Te Herenga Waka-Victoria University of Wellington
Browse

Information Security in Agile Software Development Projects: A Critical Success Factor Perspective

Download (364.82 kB)
conference contribution
posted on 2020-10-14, 04:07 authored by Nathan Newton, Craig AnslowCraig Anslow, Andreas DrechslerAndreas Drechsler
© 27th European Conference on Information Systems - Information Systems for a Sharing Society, ECIS 2019. All rights reserved. The importance of information security in software development projects is long recognised, with many comprehensive standards and procedures in use to provide assurance of information security. The agile development paradigm conflicts with traditional security assurance by emphasising the delivery of functional requirements and a reduction in structured and linear development styles. Through a series of thirteen qualitative interviews, this study identifies practices that address this problem which have been successfully adopted by agile practitioners. The findings present four categories of practices - organisational, team, project, and technical - and twelve critical success factors that should be explicitly considered by practitioners to assure agile security. The critical success factors provide a foundation for practitioners to strategically identify and develop best practices to embed information security in agile development projects. The identified categories also highlight the importance of agile security practices centring around individuals and culture and contributes to the literature by providing a representation of agile security practices that encompasses a broad range of focal areas.

Funding

ECIS 2019 - Sweden - June 2019 | Funder: COMMERCE

History

Preferred citation

Newton, N., Anslow, C. & Drechsler, A. (2019, January). Information Security in Agile Software Development Projects: A Critical Success Factor Perspective. In 27th European Conference on Information Systems - Information Systems for a Sharing Society, ECIS 2019 European Conference on Information Systems, Stockholm.

Conference name

European Conference on Information Systems

Conference Place

Stockholm

Title of proceedings

27th European Conference on Information Systems - Information Systems for a Sharing Society, ECIS 2019

Contribution type

Published Paper

Publication or Presentation Year

2019-01-01

Publication status

Published

Usage metrics

    Conference papers

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC