895 resultados para Context-based teaching
Resumo:
The Faculty of Biology and Medicine of Lausanne has integrated education of family medicine all along its new undergraduate medical curriculum. The Institute of general medicine is in charge to implement those offers among which two are presented hereafter. In the new module "Generalism" several courses cover the specificities of the discipline as for example medical decision in the practice. A mandatory one-month internship in the medical practice offers an experiential immersion into family medicine for all students. In a meeting at the end of their internship, students discuss in group with their peers their individual experiences and are asked to identify, based on their personal experience, the general concepts of the specialty of family medicine and general practice.
Resumo:
Context: Cross-cultural clinical competence (CCC) requires a mixtureof "knowledge" (K), "attitude" (A) and "skills" (S), in order to develop theability to give quality care to patients of different cultures. Theseattributes allow, while providing medical care, consideration of thepatient's medical, social, cultural and language needs. The LausanneUniversity Medical Policlinic (PMU) provides approximately 30000consultations per year to migrant patients and over the past five yearshas implemented a training course on CCC that focuses on trialogue,stereotypes and administrative procedures for the healthcare ofmigrants.Method: A quantitative survey of 18 new residents, was carried outusing a validated questionnaire, the "Multicultural AssessmentQuestionnaire" (the MAQ, 16 questions on K, A and S) to evaluate theimpact of CCC training. The questionnaire was distributed before theCCC course (J-1), three days after (J+3) and three months later (J+90).A descriptive univariate analysis of the difference in MAQ scoresbetween the times J-1 - J+3 and J-1 - J+90 was made. Three FocusGroups were conducted, at three months, to explore residents' thoughtsabout the course.Results: A significant increase was observed in global performancedeclared by residents. Following the intervention, the score of the MAQincreased from 31.4 points to 38.0 points at three days (p = 0.004) andto 37.7 points at three months (p = 0.003). This increase was mostnoticeable in the field of acquiring K: total score J-1: 118, J+3: 189,J+90: 190 (difference J-1 - J+3 and J-1 - J+90: p <0.005). There was nosignificant difference in acquiring A (J-1: 222, J+3: 228, J+90: 229), andS increases in a significant way at first (J-1: 222, J+3: 265, J-1 - J+3:p = 0.035), then comes back to the start value (J+90: 217). The residentswere interested by the course which they felt provides useful informationfor clinical practice. They had a great number of expectations in varyingfields (medical anthropology, cultural differences, epidemiology, etc.),hoping a "ready-made" solution for the approach of migrant patients.Conclusions: A unique training of CCC at the post-graduate level,upgraded K, and to a lesser extent A and S, for these 18 residents. Theywere interest and they had many expectations. Subsequent coursesshould consolidate these acquisitions. Future study should demonstratethe impact on patients' clinical outcome.
Resumo:
[spa] Este texto forma parte de un proyecto de investigación Los efectos de los cambios sociales en el trabajo y la vida profesional de los docentes universitarios, parcialmente financiado por el Ministerio de Ciencia e Innovación (SEJ2006-01876), en el que nos planteamos explorar los cambios los ámbitos de la legislación, laorganización institucional, la investigación, la gestión y la docencia en los últimos treinta años. El principal objetivo del estudio era profundizar en nuestra comprensión sobre el impacto del cambio económico, social, cultural, tecnológico y laboral que están experimentando las universidades españolas en la vida y la identidad profesional del personal docente e investigador, teniendo en cuenta el contexto nacional y europeo. Estapublicación recoge la 24 historias de vida profesional realizas con o sobre otros tantos docentes universitarios. Sus relatos analizados y contextualizados, significan una contribución significativa al conocimiento basado en la investigación sobre el saber profesional y la experiencia laboral en las universidades españolas, y en consecuencia, a nuestra comprensión sobre cómo los académicos se están enfrentando con los cambios actuales.
Resumo:
This research was conducted in the context of the project IRIS 8A Health and Society (2002-2008) and financially supported by the University of Lausanne. It was aomed at developping a model based on the elder people's experience and allowed us to develop a "Portrait evaluation" of fear of falling using their examples and words. It is a very simple evaluation, which can be used by professionals, but by the elder people themselves. The "Portrait evaluation" and the user's guide are on free access, but we would very much approciate to know whether other people or scientists have used it and collect their comments. (contact: Chantal.Piot-Ziegler@unil.ch)The purpose of this study is to create a model grounded in the elderly people's experience allowing the development of an original instrument to evaluate FOF.In a previous study, 58 semi-structured interviews were conducted with community-dwelling elderly people. The qualitative thematic analysis showed that fear of falling was defined through the functional, social and psychological long-term consequences of falls (Piot-Ziegler et al., 2007).In order to reveal patterns in the expression of fear of falling, an original qualitative thematic pattern analysis (QUAlitative Pattern Analysis - QUAPA) is developed and applied on these interviews.The results of this analysis show an internal coherence across the three dimensions (functional, social and psychological). Four different patterns are found, corresponding to four degrees of fear of falling. They are formalized in a fear of falling intensity model.This model leads to a portrait-evaluation for fallers and non-fallers. The evaluation must be confronted to large samples of elderly people, living in different environments. It presents an original alternative to the concept of self-efficacy to evaluate fear of falling in older people.The model of FOF presented in this article is grounded on elderly people's experience. It gives an experiential description of the three dimensions constitutive of FOF and of their evolution as fear increases, and defines an evaluation tool using situations and wordings based on the elderly people's discourse.
Resumo:
En aquest treball, es presenta un marc teòric que té per finalitat mostrar la importància de l’educació emocional a parvulari. Es realitza un petit recorregut per els orígens del concepte, el context en que apareix i les dimensions. Posteriorment, s’ha realitzat l’anàlisi d’una pràctica educativa real (estudi d’un cas), concretament a l’aula de 5 anys, durant 9 setmanes amb l’objectiu d’identificar i relacionar els referents teòrics amb la pràctica educativa. L’objectiu principal del treball ha estat posar en relació les teories dels diferents autors amb la vida quotidiana d’una aula, poder analitzar la presència de l’educació emocional i poder reflexionar en profunditat sobre la tasca docent. S’ha investigat la consciència que té el professorat sobre la importància d’aquest treball amb els alumnes, les estratègies metodològiques utilitzades per el treball emocional, quines dimensions i moments són més presents en el dia a dia, i finalment, observar la formalitat o informalitat de la pràctica de l’educació emocional i analitzar-ne la seva eficàcia. Totes les dades s’han recollit a partir d’una pauta d’observació basada en els referents teòrics i finalment s’ha realit
Resumo:
Both, Bayesian networks and probabilistic evaluation are gaining more and more widespread use within many professional branches, including forensic science. Notwithstanding, they constitute subtle topics with definitional details that require careful study. While many sophisticated developments of probabilistic approaches to evaluation of forensic findings may readily be found in published literature, there remains a gap with respect to writings that focus on foundational aspects and on how these may be acquired by interested scientists new to these topics. This paper takes this as a starting point to report on the learning about Bayesian networks for likelihood ratio based, probabilistic inference procedures in a class of master students in forensic science. The presentation uses an example that relies on a casework scenario drawn from published literature, involving a questioned signature. A complicating aspect of that case study - proposed to students in a teaching scenario - is due to the need of considering multiple competing propositions, which is an outset that may not readily be approached within a likelihood ratio based framework without drawing attention to some additional technical details. Using generic Bayesian networks fragments from existing literature on the topic, course participants were able to track the probabilistic underpinnings of the proposed scenario correctly both in terms of likelihood ratios and of posterior probabilities. In addition, further study of the example by students allowed them to derive an alternative Bayesian network structure with a computational output that is equivalent to existing probabilistic solutions. This practical experience underlines the potential of Bayesian networks to support and clarify foundational principles of probabilistic procedures for forensic evaluation.
Resumo:
BACKGROUND: In Switzerland, 30% of HIV-infected individuals are diagnosed late. To optimize HIV testing, the Swiss Federal Office of Public Health (FOPH) updated 'Provider Induced Counseling and Testing' (PICT) recommendations in 2010. These permit doctors to test patients if HIV infection is suspected, without explicit consent or pre-test counseling; patients should nonetheless be informed that testing will be performed. We examined awareness of these updated recommendations among emergency department (ED) doctors. METHODS: We conducted a questionnaire-based survey among 167 ED doctors at five teaching hospitals in French-Speaking Switzerland between 1(st) May and 31(st) July 2011. For 25 clinical scenarios, participants had to state whether HIV testing was indicated or whether patient consent or pre-test counseling was required. We asked how many HIV tests participants had requested in the previous month, and whether they were aware of the FOPH testing recommendations. RESULTS: 144/167 doctors (88%) returned the questionnaire. Median postgraduate experience was 6.5 years (interquartile range [IQR] 3; 12). Mean percentage of correct answers was 59 ± 11%, senior doctors scoring higher (P=0.001). Lowest-scoring questions pertained to acute HIV infection and scenarios where patient consent was not required. Median number of test requests was 1 (IQR 0-2, range 0-10). Only 26/144 (18%) of participants were aware of the updated FOPH recommendations. Those aware had higher scores (P=0.001) but did not perform more HIV tests. CONCLUSIONS: Swiss ED doctors are not aware of the national HIV testing recommendations and rarely perform HIV tests. Improved recommendation dissemination and adherence is required if ED doctors are to contribute to earlier HIV diagnoses.
Resumo:
Context: Ovarian tumors (OT) typing is a competency expected from pathologists, with significant clinical implications. OT however come in numerous different types, some rather rare, with the consequence of few opportunities for practice in some departments. Aim: Our aim was to design a tool for pathologists to train in less common OT typing. Method and Results: Representative slides of 20 less common OT were scanned (Nano Zoomer Digital Hamamatsu®) and the diagnostic algorithm proposed by Young and Scully applied to each case (Young RH and Scully RE, Seminars in Diagnostic Pathology 2001, 18: 161-235) to include: recognition of morphological pattern(s); shortlisting of differential diagnosis; proposition of relevant immunohistochemical markers. The next steps of this project will be: evaluation of the tool in several post-graduate training centers in Europe and Québec; improvement of its design based on evaluation results; diffusion to a larger public. Discussion: In clinical medicine, solving many cases is recognized as of utmost importance for a novice to become an expert. This project relies on the virtual slides technology to provide pathologists with a learning tool aimed at increasing their skills in OT typing. After due evaluation, this model might be extended to other uncommon tumors.
Resumo:
Many patients with malignant gliomas do not respond to alkylating agent chemotherapy. Alkylator resistance of glioma cells is mainly mediated by the DNA repair enzyme O(6)-methylguanine-DNA methyltransferase (MGMT). Epigenetic silencing of the MGMT gene by promoter methylation in glioma cells compromises this DNA repair mechanism and increases chemosensitivity. MGMT promoter methylation is, therefore, a strong prognostic biomarker in paediatric and adult patients with glioblastoma treated with temozolomide. Notably, elderly patients (>65-70 years) with glioblastoma whose tumours lack MGMT promoter methylation derive minimal benefit from such chemotherapy. Thus, MGMT promoter methylation status has become a frequently requested laboratory test in neuro-oncology. This Review presents current data on the prognostic and predictive relevance of MGMT testing, discusses clinical trials that have used MGMT status to select participants, evaluates known issues concerning the molecular testing procedure, and addresses the necessity for molecular-context-dependent interpretation of MGMT test results. Whether MGMT promoter methylation testing should be offered to all individuals with glioblastoma, or only to elderly patients and those in clinical trials, is also discussed. Justifications for withholding alkylating agent chemotherapy in patients with MGMT-unmethylated glioblastomas outside clinical trials, and the potential role for MGMT testing in other gliomas, are also discussed.
Resumo:
[spa] Este texto forma parte de un proyecto de investigación Los efectos de los cambios sociales en el trabajo y la vida profesional de los docentes universitarios, parcialmente financiado por el Ministerio de Ciencia e Innovación (SEJ2006-01876), en el que nos planteamos explorar los cambios los ámbitos de la legislación, laorganización institucional, la investigación, la gestión y la docencia en los últimos treinta años. El principal objetivo del estudio era profundizar en nuestra comprensión sobre el impacto del cambio económico, social, cultural, tecnológico y laboral que están experimentando las universidades españolas en la vida y la identidad profesional del personal docente e investigador, teniendo en cuenta el contexto nacional y europeo. Estapublicación recoge la 24 historias de vida profesional realizas con o sobre otros tantos docentes universitarios. Sus relatos analizados y contextualizados, significan una contribución significativa al conocimiento basado en la investigación sobre el saber profesional y la experiencia laboral en las universidades españolas, y en consecuencia, a nuestra comprensión sobre cómo los académicos se están enfrentando con los cambios actuales.
Resumo:
[spa] Este texto forma parte de un proyecto de investigación Los efectos de los cambios sociales en el trabajo y la vida profesional de los docentes universitarios, parcialmente financiado por el Ministerio de Ciencia e Innovación (SEJ2006-01876), en el que nos planteamos explorar los cambios los ámbitos de la legislación, laorganización institucional, la investigación, la gestión y la docencia en los últimos treinta años. El principal objetivo del estudio era profundizar en nuestra comprensión sobre el impacto del cambio económico, social, cultural, tecnológico y laboral que están experimentando las universidades españolas en la vida y la identidad profesional del personal docente e investigador, teniendo en cuenta el contexto nacional y europeo. Estapublicación recoge la 24 historias de vida profesional realizas con o sobre otros tantos docentes universitarios. Sus relatos analizados y contextualizados, significan una contribución significativa al conocimiento basado en la investigación sobre el saber profesional y la experiencia laboral en las universidades españolas, y en consecuencia, a nuestra comprensión sobre cómo los académicos se están enfrentando con los cambios actuales.
Resumo:
[spa] Este texto forma parte de un proyecto de investigación Los efectos de los cambios sociales en el trabajo y la vida profesional de los docentes universitarios, parcialmente financiado por el Ministerio de Ciencia e Innovación (SEJ2006-01876), en el que nos planteamos explorar los cambios los ámbitos de la legislación, laorganización institucional, la investigación, la gestión y la docencia en los últimos treinta años. El principal objetivo del estudio era profundizar en nuestra comprensión sobre el impacto del cambio económico, social, cultural, tecnológico y laboral que están experimentando las universidades españolas en la vida y la identidad profesional del personal docente e investigador, teniendo en cuenta el contexto nacional y europeo. Estapublicación recoge la 24 historias de vida profesional realizas con o sobre otros tantos docentes universitarios. Sus relatos analizados y contextualizados, significan una contribución significativa al conocimiento basado en la investigación sobre el saber profesional y la experiencia laboral en las universidades españolas, y en consecuencia, a nuestra comprensión sobre cómo los académicos se están enfrentando con los cambios actuales.
Resumo:
[spa] Este texto forma parte de un proyecto de investigación Los efectos de los cambios sociales en el trabajo y la vida profesional de los docentes universitarios, parcialmente financiado por el Ministerio de Ciencia e Innovación (SEJ2006-01876), en el que nos planteamos explorar los cambios los ámbitos de la legislación, laorganización institucional, la investigación, la gestión y la docencia en los últimos treinta años. El principal objetivo del estudio era profundizar en nuestra comprensión sobre el impacto del cambio económico, social, cultural, tecnológico y laboral que están experimentando las universidades españolas en la vida y la identidad profesional del personal docente e investigador, teniendo en cuenta el contexto nacional y europeo. Estapublicación recoge la 24 historias de vida profesional realizas con o sobre otros tantos docentes universitarios. Sus relatos analizados y contextualizados, significan una contribución significativa al conocimiento basado en la investigación sobre el saber profesional y la experiencia laboral en las universidades españolas, y en consecuencia, a nuestra comprensión sobre cómo los académicos se están enfrentando con los cambios actuales.
Resumo:
Introduction: Building online courses is a highly time consuming task for teachers of a single university. Universities working alone create high-quality courses but often cannot cover all pathological fields. Moreover this often leads to duplication of contents among universities, representing a big waste of teacher time and energy. We initiated in 2011 a French university network for building mutualized online teaching pathology cases, and this network has been extended in 2012 to Quebec and Switzerland. Method: Twenty French universities (see & for details), University Laval in Quebec and University of Lausanne in Switzerland are associated to this project. One e-learning Moodle platform (http://moodle.sorbonne-paris-cite.fr/) contains texts with URL pointing toward virtual slides that are decentralized in several universities. Each university has the responsibility of its own slide scanning, slide storage and online display with virtual slide viewers. The Moodle website is hosted by PRES Sorbonne Paris Cité, and financial supports for hardware have been obtained from UNF3S (http://www.unf3s.org/) and from PRES Sorbonne Paris Cité. Financial support for international fellowships has been obtained from CFQCU (http://www.cfqcu.org/). Results: The Moodle interface has been explained to pathology teachers using web-based conferences with screen sharing. The teachers added then contents such as clinical cases, selfevaluations and other media organized in several sections by student levels and pathological fields. Contents can be used as online learning or online preparation of subsequent courses in classrooms. In autumn 2013, one resident from Quebec spent 6 weeks in France and Switzerland and created original contents in inflammatory skin pathology. These contents are currently being validated by senior teachers and will be opened to pathology residents in spring 2014. All contents of the website can be accessed for free. Most contents just require anonymous connection but some specific fields, especially those containing pictures obtained from patients who agreed for a teaching use only, require personal identification of the students. Also, students have to register to access Moodle tests. All contents are written in French but one case has been translated into English to illustrate this communication (http://moodle.sorbonne-pariscite.fr/mod/page/view.php?id=261) (use "login as a guest"). The Moodle test module allows many types of shared questions, making it easy to create personalized tests. Contents that are opened to students have been validated by an editorial committee composed of colleagues from the participating institutions. Conclusions: Future developments include other international fellowships, the next one being scheduled for one French resident from May to October 2014 in Quebec, with a study program centered on lung and breast pathology. It must be kept in mind that these e-learning programs highly depend on teachers' time, not only at these early steps but also later to update the contents. We believe that funding resident fellowships for developing online pathological teaching contents is a win-win situation, highly beneficial for the resident who will improve his knowledge and way of thinking, highly beneficial for the teachers who will less worry about access rights or image formats, and finally highly beneficial for the students who will get courses fully adapted to their practice.
Resumo:
EXECUTIVE SUMMARY : Evaluating Information Security Posture within an organization is becoming a very complex task. Currently, the evaluation and assessment of Information Security are commonly performed using frameworks, methodologies and standards which often consider the various aspects of security independently. Unfortunately this is ineffective because it does not take into consideration the necessity of having a global and systemic multidimensional approach to Information Security evaluation. At the same time the overall security level is globally considered to be only as strong as its weakest link. This thesis proposes a model aiming to holistically assess all dimensions of security in order to minimize the likelihood that a given threat will exploit the weakest link. A formalized structure taking into account all security elements is presented; this is based on a methodological evaluation framework in which Information Security is evaluated from a global perspective. This dissertation is divided into three parts. Part One: Information Security Evaluation issues consists of four chapters. Chapter 1 is an introduction to the purpose of this research purpose and the Model that will be proposed. In this chapter we raise some questions with respect to "traditional evaluation methods" as well as identifying the principal elements to be addressed in this direction. Then we introduce the baseline attributes of our model and set out the expected result of evaluations according to our model. Chapter 2 is focused on the definition of Information Security to be used as a reference point for our evaluation model. The inherent concepts of the contents of a holistic and baseline Information Security Program are defined. Based on this, the most common roots-of-trust in Information Security are identified. Chapter 3 focuses on an analysis of the difference and the relationship between the concepts of Information Risk and Security Management. Comparing these two concepts allows us to identify the most relevant elements to be included within our evaluation model, while clearing situating these two notions within a defined framework is of the utmost importance for the results that will be obtained from the evaluation process. Chapter 4 sets out our evaluation model and the way it addresses issues relating to the evaluation of Information Security. Within this Chapter the underlying concepts of assurance and trust are discussed. Based on these two concepts, the structure of the model is developed in order to provide an assurance related platform as well as three evaluation attributes: "assurance structure", "quality issues", and "requirements achievement". Issues relating to each of these evaluation attributes are analysed with reference to sources such as methodologies, standards and published research papers. Then the operation of the model is discussed. Assurance levels, quality levels and maturity levels are defined in order to perform the evaluation according to the model. Part Two: Implementation of the Information Security Assurance Assessment Model (ISAAM) according to the Information Security Domains consists of four chapters. This is the section where our evaluation model is put into a welldefined context with respect to the four pre-defined Information Security dimensions: the Organizational dimension, Functional dimension, Human dimension, and Legal dimension. Each Information Security dimension is discussed in a separate chapter. For each dimension, the following two-phase evaluation path is followed. The first phase concerns the identification of the elements which will constitute the basis of the evaluation: ? Identification of the key elements within the dimension; ? Identification of the Focus Areas for each dimension, consisting of the security issues identified for each dimension; ? Identification of the Specific Factors for each dimension, consisting of the security measures or control addressing the security issues identified for each dimension. The second phase concerns the evaluation of each Information Security dimension by: ? The implementation of the evaluation model, based on the elements identified for each dimension within the first phase, by identifying the security tasks, processes, procedures, and actions that should have been performed by the organization to reach the desired level of protection; ? The maturity model for each dimension as a basis for reliance on security. For each dimension we propose a generic maturity model that could be used by every organization in order to define its own security requirements. Part three of this dissertation contains the Final Remarks, Supporting Resources and Annexes. With reference to the objectives of our thesis, the Final Remarks briefly analyse whether these objectives were achieved and suggest directions for future related research. Supporting resources comprise the bibliographic resources that were used to elaborate and justify our approach. Annexes include all the relevant topics identified within the literature to illustrate certain aspects of our approach. Our Information Security evaluation model is based on and integrates different Information Security best practices, standards, methodologies and research expertise which can be combined in order to define an reliable categorization of Information Security. After the definition of terms and requirements, an evaluation process should be performed in order to obtain evidence that the Information Security within the organization in question is adequately managed. We have specifically integrated into our model the most useful elements of these sources of information in order to provide a generic model able to be implemented in all kinds of organizations. The value added by our evaluation model is that it is easy to implement and operate and answers concrete needs in terms of reliance upon an efficient and dynamic evaluation tool through a coherent evaluation system. On that basis, our model could be implemented internally within organizations, allowing them to govern better their Information Security. RÉSUMÉ : Contexte général de la thèse L'évaluation de la sécurité en général, et plus particulièrement, celle de la sécurité de l'information, est devenue pour les organisations non seulement une mission cruciale à réaliser, mais aussi de plus en plus complexe. A l'heure actuelle, cette évaluation se base principalement sur des méthodologies, des bonnes pratiques, des normes ou des standards qui appréhendent séparément les différents aspects qui composent la sécurité de l'information. Nous pensons que cette manière d'évaluer la sécurité est inefficiente, car elle ne tient pas compte de l'interaction des différentes dimensions et composantes de la sécurité entre elles, bien qu'il soit admis depuis longtemps que le niveau de sécurité globale d'une organisation est toujours celui du maillon le plus faible de la chaîne sécuritaire. Nous avons identifié le besoin d'une approche globale, intégrée, systémique et multidimensionnelle de l'évaluation de la sécurité de l'information. En effet, et c'est le point de départ de notre thèse, nous démontrons que seule une prise en compte globale de la sécurité permettra de répondre aux exigences de sécurité optimale ainsi qu'aux besoins de protection spécifiques d'une organisation. Ainsi, notre thèse propose un nouveau paradigme d'évaluation de la sécurité afin de satisfaire aux besoins d'efficacité et d'efficience d'une organisation donnée. Nous proposons alors un modèle qui vise à évaluer d'une manière holistique toutes les dimensions de la sécurité, afin de minimiser la probabilité qu'une menace potentielle puisse exploiter des vulnérabilités et engendrer des dommages directs ou indirects. Ce modèle se base sur une structure formalisée qui prend en compte tous les éléments d'un système ou programme de sécurité. Ainsi, nous proposons un cadre méthodologique d'évaluation qui considère la sécurité de l'information à partir d'une perspective globale. Structure de la thèse et thèmes abordés Notre document est structuré en trois parties. La première intitulée : « La problématique de l'évaluation de la sécurité de l'information » est composée de quatre chapitres. Le chapitre 1 introduit l'objet de la recherche ainsi que les concepts de base du modèle d'évaluation proposé. La maniéré traditionnelle de l'évaluation de la sécurité fait l'objet d'une analyse critique pour identifier les éléments principaux et invariants à prendre en compte dans notre approche holistique. Les éléments de base de notre modèle d'évaluation ainsi que son fonctionnement attendu sont ensuite présentés pour pouvoir tracer les résultats attendus de ce modèle. Le chapitre 2 se focalise sur la définition de la notion de Sécurité de l'Information. Il ne s'agit pas d'une redéfinition de la notion de la sécurité, mais d'une mise en perspectives des dimensions, critères, indicateurs à utiliser comme base de référence, afin de déterminer l'objet de l'évaluation qui sera utilisé tout au long de notre travail. Les concepts inhérents de ce qui constitue le caractère holistique de la sécurité ainsi que les éléments constitutifs d'un niveau de référence de sécurité sont définis en conséquence. Ceci permet d'identifier ceux que nous avons dénommés « les racines de confiance ». Le chapitre 3 présente et analyse la différence et les relations qui existent entre les processus de la Gestion des Risques et de la Gestion de la Sécurité, afin d'identifier les éléments constitutifs du cadre de protection à inclure dans notre modèle d'évaluation. Le chapitre 4 est consacré à la présentation de notre modèle d'évaluation Information Security Assurance Assessment Model (ISAAM) et la manière dont il répond aux exigences de l'évaluation telle que nous les avons préalablement présentées. Dans ce chapitre les concepts sous-jacents relatifs aux notions d'assurance et de confiance sont analysés. En se basant sur ces deux concepts, la structure du modèle d'évaluation est développée pour obtenir une plateforme qui offre un certain niveau de garantie en s'appuyant sur trois attributs d'évaluation, à savoir : « la structure de confiance », « la qualité du processus », et « la réalisation des exigences et des objectifs ». Les problématiques liées à chacun de ces attributs d'évaluation sont analysées en se basant sur l'état de l'art de la recherche et de la littérature, sur les différentes méthodes existantes ainsi que sur les normes et les standards les plus courants dans le domaine de la sécurité. Sur cette base, trois différents niveaux d'évaluation sont construits, à savoir : le niveau d'assurance, le niveau de qualité et le niveau de maturité qui constituent la base de l'évaluation de l'état global de la sécurité d'une organisation. La deuxième partie: « L'application du Modèle d'évaluation de l'assurance de la sécurité de l'information par domaine de sécurité » est elle aussi composée de quatre chapitres. Le modèle d'évaluation déjà construit et analysé est, dans cette partie, mis dans un contexte spécifique selon les quatre dimensions prédéfinies de sécurité qui sont: la dimension Organisationnelle, la dimension Fonctionnelle, la dimension Humaine, et la dimension Légale. Chacune de ces dimensions et son évaluation spécifique fait l'objet d'un chapitre distinct. Pour chacune des dimensions, une évaluation en deux phases est construite comme suit. La première phase concerne l'identification des éléments qui constituent la base de l'évaluation: ? Identification des éléments clés de l'évaluation ; ? Identification des « Focus Area » pour chaque dimension qui représentent les problématiques se trouvant dans la dimension ; ? Identification des « Specific Factors » pour chaque Focus Area qui représentent les mesures de sécurité et de contrôle qui contribuent à résoudre ou à diminuer les impacts des risques. La deuxième phase concerne l'évaluation de chaque dimension précédemment présentées. Elle est constituée d'une part, de l'implémentation du modèle général d'évaluation à la dimension concernée en : ? Se basant sur les éléments spécifiés lors de la première phase ; ? Identifiant les taches sécuritaires spécifiques, les processus, les procédures qui auraient dû être effectués pour atteindre le niveau de protection souhaité. D'autre part, l'évaluation de chaque dimension est complétée par la proposition d'un modèle de maturité spécifique à chaque dimension, qui est à considérer comme une base de référence pour le niveau global de sécurité. Pour chaque dimension nous proposons un modèle de maturité générique qui peut être utilisé par chaque organisation, afin de spécifier ses propres exigences en matière de sécurité. Cela constitue une innovation dans le domaine de l'évaluation, que nous justifions pour chaque dimension et dont nous mettons systématiquement en avant la plus value apportée. La troisième partie de notre document est relative à la validation globale de notre proposition et contient en guise de conclusion, une mise en perspective critique de notre travail et des remarques finales. Cette dernière partie est complétée par une bibliographie et des annexes. Notre modèle d'évaluation de la sécurité intègre et se base sur de nombreuses sources d'expertise, telles que les bonnes pratiques, les normes, les standards, les méthodes et l'expertise de la recherche scientifique du domaine. Notre proposition constructive répond à un véritable problème non encore résolu, auquel doivent faire face toutes les organisations, indépendamment de la taille et du profil. Cela permettrait à ces dernières de spécifier leurs exigences particulières en matière du niveau de sécurité à satisfaire, d'instancier un processus d'évaluation spécifique à leurs besoins afin qu'elles puissent s'assurer que leur sécurité de l'information soit gérée d'une manière appropriée, offrant ainsi un certain niveau de confiance dans le degré de protection fourni. Nous avons intégré dans notre modèle le meilleur du savoir faire, de l'expérience et de l'expertise disponible actuellement au niveau international, dans le but de fournir un modèle d'évaluation simple, générique et applicable à un grand nombre d'organisations publiques ou privées. La valeur ajoutée de notre modèle d'évaluation réside précisément dans le fait qu'il est suffisamment générique et facile à implémenter tout en apportant des réponses sur les besoins concrets des organisations. Ainsi notre proposition constitue un outil d'évaluation fiable, efficient et dynamique découlant d'une approche d'évaluation cohérente. De ce fait, notre système d'évaluation peut être implémenté à l'interne par l'entreprise elle-même, sans recourir à des ressources supplémentaires et lui donne également ainsi la possibilité de mieux gouverner sa sécurité de l'information.
