University of Dubuque
Security is a system property of ICT systems and an acceptable security level has to be achieved for the entire system. Aligning an ICT system with a security standard is a challenging task, because of the sparse support for development and documentation that these standards provide. The authors create patterns for the elements of trustworthiness: security, risk management, privacy, and law. The instantiations of these patterns are used to support the development and documentation of ICT systems according to security standards. In addition, they define relations between security standards and security requirements engineering approaches.