Publicação

The impact of intelligent process automation implementation on organizations' information security management systems

Ver documento

Detalhes bibliográficos
Resumo:This dissertation focuses on understanding on how Intelligent Process Automation (IPA) can impact Information Security Management Systems (ISMS) in organizations. Bibliographic evidence from a Systematic Literature Review and a survey of 96 practitioners was consolidated into a conceptual artifact that investigates responsible and secure intelligent automation adoption. The literature shows that well-governed implementation of intelligent automation strengthens ISMS by standardizing control execution, improving evidence collection and audit readiness, and enabling continuous monitoring. It also warns that poorly designed initiatives can weaken authentication and access control, create brittle integrations, and erode transparency. The survey, analyzed descriptively, echoes these patterns, where practitioners report clear gains from automating access control, logging, and auditing., emphasizing early integration of compliance requirements, risk-based planning, strong authentication and encryption, clear decision rights, coordinated oversight through Centres of Excellence, also offering practical awareness of standards like IEEE 2755:2022 and ISO/IEC 27001:2022. Open responses highlight opportunities such as faster evidence and scalable assurance, alongside risks including opaque models, alert fatigue before tuning, third-party exposure, and gaps in data lineage and privacy. The artifact translates into the conclusion that IPA’s impact on ISMS is determined less by the tools and more by how automation is conceived, owned, and continuously improved within each organization.
Autores principais:Alves, Henrique de Paiva Penedo
Assunto:Intelligent process automation Information security management systems Governança -- Governance IEEE 2755 ISO/IEC 27001 Sistemas de gestão de segurança da informação
Ano:2025
País:Portugal
Tipo de documento:dissertação de mestrado
Tipo de acesso:acesso restrito
Instituição associada:ISCTE
Idioma:inglês
Origem:Repositório ISCTE
Descrição
Resumo:This dissertation focuses on understanding on how Intelligent Process Automation (IPA) can impact Information Security Management Systems (ISMS) in organizations. Bibliographic evidence from a Systematic Literature Review and a survey of 96 practitioners was consolidated into a conceptual artifact that investigates responsible and secure intelligent automation adoption. The literature shows that well-governed implementation of intelligent automation strengthens ISMS by standardizing control execution, improving evidence collection and audit readiness, and enabling continuous monitoring. It also warns that poorly designed initiatives can weaken authentication and access control, create brittle integrations, and erode transparency. The survey, analyzed descriptively, echoes these patterns, where practitioners report clear gains from automating access control, logging, and auditing., emphasizing early integration of compliance requirements, risk-based planning, strong authentication and encryption, clear decision rights, coordinated oversight through Centres of Excellence, also offering practical awareness of standards like IEEE 2755:2022 and ISO/IEC 27001:2022. Open responses highlight opportunities such as faster evidence and scalable assurance, alongside risks including opaque models, alert fatigue before tuning, third-party exposure, and gaps in data lineage and privacy. The artifact translates into the conclusion that IPA’s impact on ISMS is determined less by the tools and more by how automation is conceived, owned, and continuously improved within each organization.