DEMO as a method

In 2009 we examined DEMO as a method for Enterprise Engineering and how to combine Information Security principles into it. DEMO (DEMO Design and Engineering Methodology for Organizations) is a widely adopted international standard for designing and engineering ‘extended enterprises’.

Information Security principles and Enterprise Engineering

In search of finding stronger methods to design a secure enterprise, DEMO is underexposed. DEMO is a widely adopted international standard for designing and engineering ‘extended enterprises’. The notation ‘extended’ indicates the broad variety of social interaction and interoperatibility between enterprises to accomplish a mutual benefit.

Enterprises work together on all kinds of layers within the organization and therefore they cope with more and more extended inter(trans)actions that make use of information technologies –like the internet- to exchange business critical information. The exchange of critical information via the internet and the possible impact this may have on the confidentiality, integrity and availability of this information is rather unknown. The problem of the unawareness of security breaches that might occur during the information exchange between enterprises emphasizes the urge of examining the three mentioned areas of concern at the start of the design phase. In our opinion, it has to be embedded into the theory of design.