Draft:Enterprise Security Architecture for Reliable ICT Services

Submission declined on 27 December 2023 by ToadetteEdit (talk). This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are: in-depth (not just passing mentions about the subject) reliable secondary independent of the subject Make sure you add references that meet these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia. If you would like to continue working on the submission, click on the "Edit" tab at the top of the window. If you have not resolved the issues listed above, your draft will be declined again and potentially deleted. If you need extra help, please ask us a question at the AfC Help Desk or get live help from experienced editors. Please do not remove reviewer comments or this notice until the submission is accepted. Where to get help If you need help editing or submitting your draft, please ask us a question at the AfC Help Desk or get live help from experienced editors. These venues are only for help with editing and the submission process, not to get reviews. If you need feedback on your draft, or if the review is taking a lot of time, you can try asking for help on the talk page of a relevant WikiProject. Some WikiProjects are more active than others so a speedy reply is not guaranteed. How to improve a draft Wikipedia:Contributing to Wikipedia – a basic overview on how to edit Wikipedia. Help:Wikitext – how to use the markup Help:Referencing for beginners – how to include references Wikipedia:Article development – how to develop your article Wikipedia:Writing better articles – how to improve your article Wikipedia:Verifiability – make sure your article includes reliable third-party sources You can also browse Wikipedia:Featured articles and Wikipedia:Good articles to find examples of Wikipedia's best writing on topics similar to your proposed article. Improving your odds of a speedy review To improve your odds of a faster review, tag your draft with relevant WikiProject tags using the button below. This will let reviewers know a new draft has been submitted in their area of interest. For instance, if you wrote about a female astronomer, you would want to add the Biography, Astronomy, and Women scientists tags. Add tags to your draft Editor resources Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL Easy tools: Citation bot (help) | Advanced: Fix bare URLs Declined by ToadetteEdit 4 months ago. Last edited by ToadetteEdit 4 months ago. Reviewer: Inform author. Resubmit Please note that if the issues are not fixed, the draft will be declined again.

Submission declined on 24 November 2023 by TechnoSquirrel69 (talk). This submission is not adequately supported by reliable sources. Reliable sources are required so that information can be verified. If you need help with referencing, please see Referencing for beginners and Citing sources. This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are: in-depth (not just passing mentions about the subject) reliable secondary independent of the subject Make sure you add references that meet these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia. Declined by TechnoSquirrel69 5 months ago.

Submission declined on 2 November 2023 by Vanderwaalforces (talk). This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are: in-depth (not just passing mentions about the subject) reliable secondary independent of the subject Make sure you add references that meet these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia. Declined by Vanderwaalforces 6 months ago.

Submission declined on 27 June 2023 by Greenman (talk). This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are: in-depth (not just passing mentions about the subject) reliable secondary independent of the subject Make sure you add references that meet these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia. Declined by Greenman 10 months ago.

• Comment: Thanks for your submission! Unfortunately, the issues brought up in previous reviews have not been adequately fixed yet. There is a lot of reliance on sources written by von Faber, which are not acceptable for assessments of notability as they are not independent of the subject. Most of the other sources don't mention ESARIS by name, making the citations difficult to verify, and they probably toe the line of original research by the fact that they've been included at all. I'll also add that the prose is extremely vague; take this example from the lead: "ESARIS is a holistically structured, architectural approach for larger IT service providers...". Okay, while that is well and good, the sentence does not actually convey any real information about what the method is, it's just relatively subjective-sounding descriptors without much encyclopedic substance. There are several other examples throughout the draft. Let me know if you have any questions about this! —TechnoSquirrel69 (sigh) 22:01, 24 November 2023 (UTC)

• Comment: More or less an original research. Please add more citations. See WP:OR, WP:V. Vanderwaalforces (talk) 10:00, 2 November 2023 (UTC)

---

IT security standard

Enterprise Security Architecture for Reliable ICT Services (ESARIS) is a set of methodologies, processes, practices, and IT security standards to adequately secure IT services.^[1][2] ESARIS follows a similar approach to ITIL and ISO/IEC 20000 regarding quality issues in IT service provisioning in that it defines work areas and breaks them down into individual process activities, but ESARIS reuses the work areas and processes from ISO/IEC 20000 and details them for IT security instead of defining a separate process model for it. The ESARIS methodology has been adopted by T-Systems as a basis for their security best practices and IT security framework.^[3][4][5] The Federal Ministry of Defence of Germany recommends ESARIS as an exemplary industry standard.^[6]

ESARIS was designed by Eberhard von Faber on behalf of and working for T-Systems and as part of his work as professor of IT security. The design of ESARIS took place between 2010^[7] and 2016^[1] and improved up to 2023.^[8]

Short profile

ESARIS helps organizing IT security throughout the entire supply chain.^[9] ESARIS covers the whole provisioning process from portfolio and offering design and implementation all the way down to the different aspects of maintenance in the operational phase. ESARIS builds upon existing processes of IT service management (ISO/IEC 20000 or ITIL), additionally considering internal organization specifics, focusing on the exact technical implementation of security and compliance with security related standards.^[1] ESARIS supports communication and cooperation between the parties and emphasises the necessity for contractual agreements on IT security.^[10]

ESARIS uses hierarchy and taxonomy to structure and organize^[11] security standards, organizational, technical, and procedural security measures as well as guidelines, work instructions, etc. The latter assist employees in guaranteeing the necessary level of IT service security.^[1]

Parts of ESARIS are adopted by the industry association Zero Outage Industry Standard and published as a standard.^[12][13]

References

1. von Faber, Eberhard; Behnsen, Wolfgang (2017). Secure ICT Service Provisioning for Cloud, Mobile and Beyond (ESARIS: The Answer to the Demands of Industrialized IT Production Balancing Between Buyers and Providers) (2nd ed.). Wiesbaden: Springer Vieweg. doi:10.1007/978-3-658-16482-9. ISBN 978-3-658-16481-2. S2CID 33265004.
2. Steinacker, Angelika (2019). Sicherheit im Internet der Dinge (IoT), Ein sicheres IoT erfordert neue Denkweisen; Datenschutz und Datensicherheit 43, 403-409. doi:10.1007/s11623-019-1135-1. S2CID 255349646.
3. "DB Netz AG: Sicherheits-Fundament für die Zukunft".
4. AG, Deutsche Telekom (February 2, 2016). "Experton: Deutsche Telekom is a leading security-services provider". www.telekom.com.
5. "Architektur für die Sicherheit". www.report.at.
6. https://www.bmvg.de/resource/blob/140202/5f48d9a452805e7c3f2e61395682d7a9/ideenpapier-vertrauenswuerdige-it-data.pdf
7. von Faber, Eberhard; Behnsen, Wolfgang (2012). A Systematic Holistic Approach for Providers to Deliver Secure ICT Services; in: ISSE 2012 Securing Electronic Business Processes, Highlights of the Information Security Solutions Europe, ISSE 2012. Wiesbaden: Springer Vieweg. pp. 80–88. doi:10.1007/978-3-658-00333-3_9. ISBN 978-3-658-00332-6. Accepted by the program committee and presented at ISSE 2012: https://www.teletrust.de/veranstaltungen/isse/isse-2012/
8. von Faber, Eberhard (2023). IT-Service-Security in Begriffen und Zusammenhängen, Managementmethoden und Rezepte für Anwender und IT-Dienstleister. Wiesbaden: Springer-Verlag. ISBN 978-3-658-41932-5.
9. Damm, F., Fischer, HP. Lieferkette: Wie Cyber-Security von adäquater Zusammenarbeit abhängt; Datenschutz und Datensicherheit 43, 418–425 (2019). https://doi.org/10.1007/s11623-019-1137-z
10. Frére, Eric; Zureck, Alexander; Röhrig, Katharina (July 31, 2018). Industry 4.0 in Germany - The Obstacles Regarding Smart Production in the Manufacturing Industry. p. 38.
11. Cite error: The named reference VESNA was invoked but never defined (see the help page).
12. "Introduction and Overall Picture".
13. "Security Taxonomy for IoT".

External links

• Videoclip (architecture): ESARIS – the comprehensive security architecture
• Videoclip (standardization): Standardization of IT security with ESARIS
• Zero Outage Industry Standard (security): Security
• Webinar (Zero Outage Industry Standard, 35 min.): Webinar: How to organise IT service security in a larger IT organisation