Track: Cyber Security

Abstract

Given the importance of data and information, it is also important to treat and develop data as a core business asset. This means that data needs to be actively managed at all stages of the data lifecycle (i.e collected, stored, analyzed, shared, and archived) through defined data practices, standards, and policies. Law 13.709 / 2018 impacts on private and public companies nationwide, considering any size and market segment, while taking into account the need to meet the requirements efficiently and sustainably. The aim of this paper is to characterize the main areas of contribution to the evaluation of the process capability for digital transformation in relation to cybersecurity in the context of the General Data Protection Law and to present some topics in which field research could be further developed. To this end, a citation / citation analysis of the literature related to process capability and process improvement models published in the main journals from 2000 to 2019 is made. The main authors are identified and a field is analyzed, with the objective of identifying the areas of contribution. The results show that contributions can be characterized in areas such as business processes, ISO, maturity models, risk management, decision support.