Institut für Wirtschaftsinformatik

Dauerhafte URI für die Sammlunghttps://irf.fhnw.ch/handle/11654/66

Listen

Ergebnisse nach Hochschule und Institut

Gerade angezeigt 1 - 2 von 2
  • Vorschaubild
    Publikation
    Exploring cyber security awareness through LEGO serious play part I: the learning experience
    (ToKnowPress, 2020) Asprion, Petra; Schneider, Bettina; Moriggl, Pascal; Grimberg, Frank; Dermol, Valerij
    Lego Serious Play (LSP) is a methodology that helps people brainstorm and discuss complex ideas through storytelling and metaphors. LSP has been successfully applied as a mechanism for creative learning and team building. In this paper, we discuss using LSP to teach core topics of Cyber Security and Resilience (CS&R) in higher education. Initial results suggest that LSP has a positive impact on student learning, while also improving student engagement both, within the course and in their business environment. While the use of LSP discussed here focuses on its implementation in CS&R courses, this highly transferable methodology can be applied across the spectrum of disciplines and for multiple purposes. In addition, it can also be used to facilitate cyber security awareness or risk assessment workshops in various environments.
    04B - Beitrag Konferenzschrift
  • Vorschaubild
    Publikation
    Data protection impact assessment guidelines in the context of the general data protection regulation
    (2019) Grütter, Bodo Jeremy; Schneider, Bettina; Dermol, Valerij
    The European General Data Protection Regulation (EU GDPR) requires companies to carry out a so-called Data Protection Impact Assessment (DPIA) if the processing of personal data is likely to result in a high risk to the rights and freedoms of individuals. But how can it be determined whether a risk should be considered ‘high’ and thus makes a DPIA necessary? Furthermore, if a DPIA is required, how exactly should this be performed? In response to these questions, various guidelines concerning DPIA have been published. The aim of this paper is to give those affected by the new Data Protection law an insight into three current DPIA guidelines and to support them in implementing a GDPR-compliant impact assessment. To this end, each of the selected guidelines will be described, and evaluated in terms of GDPR compliance and DPIA feasibility, i.e. on the one hand, whether the guideline complies with the relevant GDPR articles, and on the other hand what tools are provided to facilitate the operational execution of a DPIA. The study results in an overall evaluation matrix, which shows that all three guidelines have different strengths and propose differing methods for DPIA implementation.
    04B - Beitrag Konferenzschrift