Logo des Repositoriums

Auflistung nach Autor:in "Gerl, Armin"

1 - 7 von 7
  • Textdokument
    Applying COBIT 2019 to IT Governance in Higher Education
    (INFORMATIK 2020, 2021) Gerl, Armin; von der Heyde, Markus; Groß, Rainer; Seck, Rainer; Watkowski, Laura
    The Bavarian higher education environment is aiming to renew its IT strategy. The overall objective is to find an organisational solution which allows both local independence and collaborative solutions in those areas which are either commodities or which are too complex or costly to be solved several times in parallel. All Bavarian CIOs are engaged in the development of a model which respects local governance to be included into the overarching IT strategy of Bavaria, potentially Germany and Europe. As a common framework, COBIT was chosen to structure the process and guarantee completeness. The application of COBIT was started by the agreement to a common model. Further, the description of the respective responsibilities and competencies for all stakeholders was defined. We share this current state of the discussion with the broader community of higher education to promote further discussions about methods and objectives.
  • Workshopbeitrag
    Data Privacy Management (DPM) - A Private Household Smart Metering Use Case
    (Mensch und Computer 2020 - Workshopband, 2020) Jakob, Dietmar; Wilhelm, Sebastian; Gerl, Armin
    The automated collection of real life data in private households places special requirements on a Data Privacy Management (DPM) concept. The development and implementation of a DPM concept for use in a scientific environment is demonstrated according to a successful use case – the project BLADL. The intention of this paper is to provide a guideline for ethical and privacy-preserving data collection and management in research projects in the EU.
  • Zeitschriftenartikel
    Entwicklungsstand der CIO-Funktion und hochschulübergreifenden IT-Governance im Kontext der Digitalen Transformation an Hochschulen in Bayern
    (HMD Praxis der Wirtschaftsinformatik: Vol. 59, No. 3, 2022) von der Heyde, Markus; Gerl, Armin
    Die Hochschulen befinden sich durch vielfältige Veränderungsprozesse in Verbindung mit dem Einsatz von Informationstechnologien (IT) auf dem Weg der Digitalen Transformation. Diese Digitale Transformation der Hochschulen umfasst intensive Veränderungsprozesse in der gesamten Hochschulkultur in Lehre, Forschung und Verwaltung in übergreifender und strukturierter Weise. Seit vielen Jahren werden vielfältige Digitalisierungsvorhaben zur Modernisierung von einzelnen Prozessen an den Hochschulen umgesetzt. Die Leitungen der Rechenzentren leisten mit der Umsetzung von IT-Projekten einen zentralen Beitrag zu diesem Wandel. Mit der Einführung der CIO-Funktion in den Hochschulleitungen und der hochschulübergreifenden Kooperationen hat sich die IT-Governance weiterentwickelt. Insbesondere für die Digitale Transformation werden Strukturen zur Koordination der übergreifenden Vorhaben benötigt, wobei zusätzlich zur IT-Leitung eine Vielzahl von Funktionsträgern mit fachlichen Aufgaben aus Forschung, Lehre und Verwaltung involviert ist. Es stellt sich die Frage, wie die Digitale Transformation an Hochschulen gesteuert werden kann und in welcher organisatorischen Form sich die Aufgaben und Verantwortlichkeiten im Hochschulkontext realisieren lassen. An der Weiterentwicklung der IT-Governance an bayerischen Hochschulen wird beispielhaft erläutert, welche übergreifenden Aufgaben der Koordination von Bedarf und Versorgung mit IT-Services zwischen und innerhalb der Hochschulen bestehen. Die CIO-Funktion wird durch die Verankerung in der Leitungsebene der Funktion des Chief Digital Officers (CDO) aus der Wirtschaft ähnlicher, auch wenn in Hochschulen aufgrund der klassischen Ressort-Einteilung die Rolle oft als Vizepräsident:in für Digitalisierung bezeichnet wird. Universities are on the path to digital transformation as a result of fundamental change processes in connection with the use of information technologies (IT). This digital transformation of universities encompasses overarching and structured change processes of university culture in teaching, research, and administration. For many years, universities have been implementing digitalization projects to modernize individual processes. The management of the data centres is making a key contribution to this transformation by implementing IT projects. IT governance has evolved with the introduction of the CIO function in university management and cross-university collaborations. For digital transformation in particular, structures are needed to coordinate the overarching projects, with a large number of specialists from research, teaching and administration being involved in addition to IT management. Questions arise as to how the digital transformation at universities can be managed, and in what organizational form the tasks and responsibilities can be realized in the university context. The recent development of IT governance at Bavarian universities is used as an example to explain the collaborative tasks of coordinating demand and supply of IT services between and within universities. By anchoring the CIO function at the management level, it becomes more similar to the function of the Chief Digital Officer (CDO) from the business world, even though in universities the role is often referred to as Vice President for Digitalization due to the traditional departmental division.
  • Zeitschriftenartikel
    Gemeinsame Digitalisierung durch die Entwicklung von IT-Governance-Strukturen auf Landesebene
    (Wirtschaftsinformatik & Management: Vol. 14, No. 2, 2022) von der Heyde, Markus; Gerl, Armin; Groß, Rainer; Klapper, Frank; Knaden, Andreas; Meister, Vera G.; Rehm, Simone
  • Konferenzbeitrag
    The Layered Privacy Language Art. 12 - 14 GDPR Extension - Privacy Enhancing User Interfaces
    (INFORMATIK 2019: 50 Jahre Gesellschaft für Informatik – Informatik für Gesellschaft, 2019) Gerl, Armin; Meier, Bianca
    On 25th May 2018, the EU-wide General Data Protection Regulation (GDPR) came into force in order to strengthen the rights of Data Subjects. Although the GDPR specifies the required information, which has to be presented to a Data Subject, it can still be argued for a lack of transparency due to unfavorable presentation of the privacy policy. Furthermore, no systematic approach for the enforcement of privacy policies in technical systems is deployed. These issues are tackled by the both human- and machine-readable Layered Privacy Language (LPL), which models legal privacy policies. This work introduces an extension for LPL to comply with Art. 12 - 14 GDPR. Additionally, user interface prototypes will be introduced to allow the creation of LPL privacy policies by the Data Protection Officer as well as a structured presentation of the LPL privacy policy for web-applications.
  • Konferenzbeitrag
    LPL Personal Privacy Policy User Interface: Design and Evaluation
    (Mensch und Computer 2018 - Workshopband, 2018) Gerl, Armin; Prey, Florian
    We present the LPL Personal Privacy Policy User Interface (LPL PPP UI), which is intended to inform Data Subjects about the contents of the privacy policy and to allow personalisation of purposes to support free and informed consent. The capabilities of the LPL PPP UI, consisting in informing the Data Subject about the contents of a privacy policy in a structured way and personal privacy interactions are presented. The LPL PPP UI is evaluated against regular designed privacy policies. Furthermore, future challenges and objectives for privacy policy user interfaces are given.
  • Textdokument
    Policy-based Authentication and Authorization based on the Layered Privacy Language
    (BTW 2019 – Workshopband, 2019) Wilhelm, Sebastian; Gerl, Armin
    In 2018 the General Data Protection Regulation (GDPR) has been enforced providing a new legal framework with rules and regulations for processing personal data. The requirement for distinguishing between purposes has been introduced, leading to the necessity of adapting existing authentication and authorization processes. We introduce a detailed authentication and authorization extension, which is able to verify requests on personal data based on the Layered Privacy Language (LPL). This extension is evaluated in the form of a benchmark, utilizing the Policy-based De-identification, to demonstrating its efficiency and suitability for data-warehouses.